CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2850

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile31.35th
PublishedMay 24, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.

Affected Platforms (CPE)

πŸ“¦
Citrix

Access Essentials

= 1.0
πŸ“¦
Citrix

Access Essentials

= 1.5
πŸ“¦
Citrix

Metaframe

= 3.0
πŸ“¦
Citrix

Metaframe

= 3.0
πŸ“¦
Citrix

Metaframe

= 3.0
πŸ“¦
Citrix

Metaframe

= 4.0
πŸ“¦
Citrix

Metaframe

= 4.0
πŸ“¦
Citrix

Metaframe

= 4.0

References & Advisories

πŸ”— http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf
πŸ”— http://secunia.com/advisories/25371
πŸ”— http://support.citrix.com/article/CTX112964
πŸ”— http://www.securitytracker.com/id?1018098
πŸ”— http://www.vupen.com/english/advisories/2007/1918
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/34448
πŸ”— http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf
πŸ”— http://secunia.com/advisories/25371

Related Vulnerabilities

CVE-2008-021510.0

Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attacker...

CVE-2008-035610.0

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Ser...

CVE-2019-101278.8

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not...

CVE-2021-44478.8

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6...