CVE-2004-1078

Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.idefense.com/application/poi/display?id=238&type=vulnerabilities	Patch Vendor Advisory
http://support.citrix.com/kb/entry.jspa?externalID=CTX105650	Patch Vendor Advisory
http://secunia.com/advisories/15108	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:citrix:metaframe_client:8.0::win-ce:::::
	cpe:2.3:a:citrix:program_neighborhood_agent:8.0::win32:::::

Information

Published : 2004-04-25 21:00

Updated : 2008-09-05 13:40

NVD link : CVE-2004-1078

Mitre link : CVE-2004-1078

JSON object : View

CWE

NVD-CWE-Other

Products Affected

citrix

metaframe_client
program_neighborhood_agent

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.idefense.com/application/poi/display?id=238&type=vulnerabilities", "name": "20050426 Citrix Program Neighborhood Agent Buffer Overflow", "tags": ["Patch", "Vendor Advisory"], "refsource": "IDEFENSE"}, {"url": "http://support.citrix.com/kb/entry.jspa?externalID=CTX105650", "name": "http://support.citrix.com/kb/entry.jspa?externalID=CTX105650", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/15108", "name": "15108", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-1078", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-04-26T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:citrix:metaframe_client:8.0:*:win-ce:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:program_neighborhood_agent:8.0:*:win32:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:40Z"}

7.5 /10