返回 CVE 浏览器

CVE-2008-0356

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1840%

EPSS Percentile13.77th

Published2008年1月18日

Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.

Affected Platforms (CPE)

📦

Citrix

Access Essentials

<= 2.0

📦

Citrix

Desktop Server

= 1.0

📦

Citrix

Metaframe Presentation Server

<= 4.5

📦

Citrix

Presentation Server

All versions

References & Advisories

🔗 http://secunia.com/advisories/28508

🔗 http://support.citrix.com/article/CTX114487

🔗 http://www.kb.cert.org/vuls/id/412228

🔗 http://www.securityfocus.com/archive/1/486585/100/0/threaded

🔗 http://www.securityfocus.com/bid/27329

🔗 http://www.securitytracker.com/id?1019231

🔗 http://www.vupen.com/english/advisories/2008/0172

🔗 http://zerodayinitiative.com/advisories/ZDI-08-002.html

相关漏洞威胁

CVE-2008-021510.0

Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attacker...

CVE-2007-285010.0

The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials ...

CVE-2019-101278.8

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not...

CVE-2021-44478.8

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6...