CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0356

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1840%
EPSS Percentile13.77th
PublishedJan 18, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.

Affected Platforms (CPE)

πŸ“¦
Citrix

Access Essentials

<= 2.0
πŸ“¦
Citrix

Desktop Server

= 1.0
πŸ“¦
Citrix

Metaframe Presentation Server

<= 4.5
πŸ“¦
Citrix

Presentation Server

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/28508
πŸ”— http://support.citrix.com/article/CTX114487
πŸ”— http://www.kb.cert.org/vuls/id/412228
πŸ”— http://www.securityfocus.com/archive/1/486585/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27329
πŸ”— http://www.securitytracker.com/id?1019231
πŸ”— http://www.vupen.com/english/advisories/2008/0172
πŸ”— http://zerodayinitiative.com/advisories/ZDI-08-002.html

Related Vulnerabilities

CVE-2008-021510.0

Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attacker...

CVE-2007-285010.0

The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials ...

CVE-2019-101278.8

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not...

CVE-2021-44478.8

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6...