CVE-2007-3679

Name of the Vulnerable Software and Affected Versions Citrix Access Gateway Standard Edition versions prior to 4.5.5 Citrix Access Gateway Advanced Edition versions prior to 4.5 HF1 Citrix EPA ActiveX control version prior to 4.5.0.0

Description The issue allows remote attackers to download and execute arbitrary programs onto a client system. This is due to a problem in the Citrix EPA ActiveX control, also known as the endpoint checking control or CCAOControl Object, which is part of npCtxCAO.dll.

Recommendations For Citrix Access Gateway Standard Edition versions prior to 4.5.5, update to version 4.5.5 or later. For Citrix Access Gateway Advanced Edition versions prior to 4.5 HF1, update to version 4.5 HF1 or later. For the Citrix EPA ActiveX control version prior to 4.5.0.0, update to version 4.5.0.0 or later.