- Description
- Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96365CE2-22BF-408E-939F-22FFABF63061",
"versionEndIncluding": "2.0"
},
{
"criteria": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08AEEC3F-E8DD-4535-98D2-4CFD83439A69"
},
{
"criteria": "cpe:2.3:a:citrix:metaframe_presentation_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B612D535-0FED-49B5-85B7-7B33CC1EF320",
"versionEndIncluding": "4.5"
},
{
"criteria": "cpe:2.3:a:citrix:presentation_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B22EE40-B6D5-4A1D-B6F5-48E14FB189AD"
}
],
"operator": "OR"
}
]
}
]