Vulnerability Description
Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Metaframe Client | 8.0 |
| Citrix | Program Neighborhood Agent | 8.0 |
References
- http://secunia.com/advisories/15108PatchVendor Advisory
- http://support.citrix.com/kb/entry.jspa?externalID=CTX105650Vendor Advisory
- http://www.idefense.com/application/poi/display?id=237&type=vulnerabilitiesPatchVendor Advisory
- http://secunia.com/advisories/15108PatchVendor Advisory
- http://support.citrix.com/kb/entry.jspa?externalID=CTX105650Vendor Advisory
- http://www.idefense.com/application/poi/display?id=237&type=vulnerabilitiesPatchVendor Advisory
FAQ
What is CVE-2004-1077?
CVE-2004-1077 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via ...
How severe is CVE-2004-1077?
CVE-2004-1077 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1077?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Metaframe Client, Citrix Program Neighborhood Agent.