Citrix

Metaframe

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2007-2850

  • EPSS 1.85%
  • Veröffentlicht 24.05.2007 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modifi...

7.2

CVE-2007-0444

  • EPSS 2.08%
  • Veröffentlicht 24.01.2007 22:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to ...

7.5

CVE-2006-5821

  • EPSS 9.43%
  • Veröffentlicht 10.11.2006 23:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management...

5

CVE-2006-5861

  • EPSS 6.86%
  • Veröffentlicht 10.11.2006 23:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the servi...

6.5

CVE-2006-3779

  • EPSS 0.94%
  • Veröffentlicht 24.07.2006 12:19:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges.

7.5

CVE-2005-3134

Exploit
  • EPSS 0.79%
  • Veröffentlicht 04.10.2005 22:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

4.3

CVE-2003-1157

Exploit
  • EPSS 1.86%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.

5

CVE-2001-0716

  • EPSS 1.11%
  • Veröffentlicht 06.12.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.

7.5

CVE-2001-0908

  • EPSS 0.64%
  • Veröffentlicht 21.11.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

10

CVE-2000-0244

Exploit
  • EPSS 0.9%
  • Veröffentlicht 29.03.2000 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.