Lucene search

[email protected]CVE-2004-1078

HistoryApr 26, 2005 - 4:00 a.m.

CVE-2004-1078

2005-04-2604:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1078

citrix

buffer overflow

remote code execution

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

95.0%

JSON

Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element.

Affected configurations

NVD

Node

citrixmetaframe_clientMatch8.0win-ce

citrixprogram_neighborhood_agentMatch8.0win32

CPENameOperatorVersion
citrix:metaframe_clientcitrix metaframe clienteq8.0
citrix:program_neighborhood_agentcitrix program neighborhood agenteq8.0

CPE	Name	Operator	Version
citrix:metaframe_client	citrix metaframe client	eq	8.0
citrix:program_neighborhood_agent	citrix program neighborhood agent	eq	8.0

References

secunia.com/advisories/15108

support.citrix.com/kb/entry.jspa?externalID=CTX105650

www.idefense.com/application/poi/display?id=238&type=vulnerabilities

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2004-1078

cvelist1 checkpoint_advisories1 nvd1