VYPR

Presentation Server Client

by Citrix Systems

CVEs (13)

  • CVE-2008-0356Jan 18, 2008
    risk 0.06cvss epss 0.73

    Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size…

  • CVE-2006-6334Dec 8, 2006
    risk 0.06cvss epss 0.34

    Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client before 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.

  • CVE-2007-0444Jan 24, 2007
    risk 0.04cvss epss 0.14

    Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2)…

  • CVE-2008-6561Mar 31, 2009
    risk 0.00cvss epss 0.00

    Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.

  • CVE-2008-5107Nov 17, 2008
    risk 0.00cvss epss 0.00

    The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.

  • CVE-2008-4676Oct 22, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. …

  • CVE-2008-2300May 18, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

  • CVE-2008-2299May 18, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow…

  • CVE-2007-3625Jul 9, 2007
    risk 0.00cvss epss 0.02

    The Program Neighborhood Agent in Citrix Presentation Server Clients for 32-bit Windows before 10.100 allows remote attackers to cause a denial of service (agent exit) via a certain request that uses content redirection and a long pathname.

  • CVE-2007-1196Mar 2, 2007
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Citrix Presentation Server Client for Windows before 10.0 allows remote web sites to execute arbitrary code via unspecified vectors, related to the implementation of ICA connectivity through proxy servers.

  • CVE-2006-5861Nov 10, 2006
    risk 0.00cvss epss 0.04

    The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped…

  • CVE-2006-5821Nov 10, 2006
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service…

  • CVE-2002-2426Dec 31, 2002
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated…