Описание
Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.
Ссылки
- Vendor Advisory
- Patch
- US Government Resource
- Vendor Advisory
- Patch
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.0 (включая)Версия до 4.5 (включая)
Одно из
cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*
cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:metaframe_presentation_server:*:*:*:*:*:*:*:*
cpe:2.3:a:citrix:presentation_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.71167
Высокий
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.
EPSS
Процентиль: 99%
0.71167
Высокий
10 Critical
CVSS2
Дефекты
CWE-119