Citrix · Citrix Metaframe Presentation Server · CVE-2005-3134
**Name of the Vulnerable Software and Affected Versions**
Citrix Metaframe Presentation Server versions 3.0 through 4.0
**Description**
The issue allows remote attackers to bypass policy restrictions. This can be achieved by downloading the launch.ica file and modifying the `ClientName` variable, which enables attackers to circumvent existing security policies.
**Recommendations**
For Citrix Metaframe Presentation Server versions 3.0 through 4.0, consider restricting access to the launch.ica file to prevent unauthorized downloads and modifications. As a temporary workaround, restrict changes to the `ClientName` variable to minimize the risk of policy bypass.