Unrated severityNVD Advisory· Published Oct 4, 2005· Updated Apr 16, 2026

CVE-2005-3134

Description

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

Affected products

Citrix Systems/Metaframe2 versions
cpe:2.3:a:citrix:metaframe:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:citrix:metaframe:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.grupoitpro.com.ar/ctxpoliciesbypass.txtnvdExploitVendor Advisory
secunia.com/advisories/17032/nvdVendor Advisory
marc.infonvd
securityreason.com/securityalert/39nvd
securitytracker.com/idnvd
support.citrix.com/kb/entry%21default.jspanvd
www.securityfocus.com/bid/14989nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000