PT-2004-2053 · Citrix · Citrix Program Neighborhood Agent+1

Published

2004-04-26

Updated

2008-09-05

CVE-2004-1077

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Citrix Program Neighborhood Agent for Win32 versions 8.00.24737 and earlier Citrix MetaFrame Presentation Server client for WinCE versions prior to 8.33

Description: The issue allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive.

Recommendations: For Citrix Program Neighborhood Agent for Win32 versions 8.00.24737 and earlier, update to a version later than 8.00.24737. For Citrix MetaFrame Presentation Server client for WinCE versions prior to 8.33, update to version 8.33 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1077

Affected Products

Citrix Metaframe Presentation Server

Citrix Program Neighborhood Agent

PT-2004-2053 · Citrix · Citrix Program Neighborhood Agent+1

CVE-2004-1077

Related Identifiers

Affected Products

References · 4