7.5

CVE-2006-5821

EPSS 9.43%
Published 10.11.2006 23:07:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Citrix ≫ Metaframe Version1.0 Editionwindows_2000

Citrix ≫ Metaframe Version3.0 Editionmicrosoft_windows_2000

Citrix ≫ Metaframe Presentation Server Version4.0 Edition64-bit

Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2000

Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2003

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.43%	0.925

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/22802

http://securitytracker.com/id?1017205

http://support.citrix.com/article/CTX111186

Patch

http://www.securityfocus.com/archive/1/451337/100/100/threaded

http://www.securityfocus.com/bid/20986

http://www.vupen.com/english/advisories/2006/4429

http://www.zerodayinitiative.com/advisories/ZDI-06-038.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/30148

https://nvd.nist.gov/vuln/detail/CVE-2006-5821

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5821

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5821

EUVD