Unrated severityNVD Advisory· Published May 24, 2007· Updated Apr 23, 2026

CVE-2007-2850

Description

The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.

Affected products

Citrix Systems/Access Essentials2 versions
cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*
Citrix Systems/Metaframe6 versions
cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*+ 5 more
- cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2003:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:3.0:*:x64_edition:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2003:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:4.0:*:x64_edition:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/25371nvdPatchVendor Advisory
fortconsult.net/files/fortconsult.dk/citrix_advisory.pdfnvd
support.citrix.com/article/CTX112964nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/1918nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34448nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000