Unrated severityNVD Advisory· Published Jan 18, 2008· Updated Apr 23, 2026

CVE-2008-0356

Description

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.

Affected products

Citrix Systems/Access Essentials
cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*
Range: <=2.0
Citrix Systems/Desktop Server
cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*
Citrix Systems/Metaframe Presentation Server
cpe:2.3:a:citrix:metaframe_presentation_server:*:*:*:*:*:*:*:*
Range: <=4.5
Citrix Systems/Presentation Server
cpe:2.3:a:citrix:presentation_server:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.citrix.com/article/CTX114487nvdPatch
secunia.com/advisories/28508nvdVendor Advisory
www.kb.cert.org/vuls/id/412228nvdUS Government Resource
www.securityfocus.com/archive/1/486585/100/0/threadednvd
www.securityfocus.com/bid/27329nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/0172nvd
zerodayinitiative.com/advisories/ZDI-08-002.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.057
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000