CVE-2007-4016

Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://support.citrix.com/article/CTX113815	Patch
http://support.citrix.com/article/CTX114028	Patch
http://www.securityfocus.com/bid/24975	Patch
http://secunia.com/advisories/26143	Patch Vendor Advisory
http://www.securitytracker.com/id?1018435
http://osvdb.org/43983
http://www.vupen.com/english/advisories/2007/2583

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:citrix:access_gateway:::standard:::::*
	cpe:2.3:a:citrix:access_gateway:4.2:::::::*
	cpe:2.3:a:citrix:access_gateway:::advanced:::::*
	cpe:2.3:a:citrix:access_gateway:4.0:::::::*

Information

Published : 2007-07-25 18:30

Updated : 2011-03-07 18:57

NVD link : CVE-2007-4016

Mitre link : CVE-2007-4016

JSON object : View

CWE

NVD-CWE-Other

Products Affected

citrix

access_gateway

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.citrix.com/article/CTX113815", "name": "http://support.citrix.com/article/CTX113815", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://support.citrix.com/article/CTX114028", "name": "http://support.citrix.com/article/CTX114028", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/24975", "name": "24975", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/26143", "name": "26143", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1018435", "name": "1018435", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/43983", "name": "43983", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/2583", "name": "ADV-2007-2583", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-4016", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-07-26T01:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.5"}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:*:*:advanced:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.5"}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T02:57Z"}

6.8 /10