Vulnerability Description
Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Metaframe Client | 8.0 |
| Citrix | Program Neighborhood Agent | 8.0 |
References
- http://secunia.com/advisories/15108PatchVendor Advisory
- http://support.citrix.com/kb/entry.jspa?externalID=CTX105650PatchVendor Advisory
- http://www.idefense.com/application/poi/display?id=238&type=vulnerabilitiesPatchVendor Advisory
- http://secunia.com/advisories/15108PatchVendor Advisory
- http://support.citrix.com/kb/entry.jspa?externalID=CTX105650PatchVendor Advisory
- http://www.idefense.com/application/poi/display?id=238&type=vulnerabilitiesPatchVendor Advisory
FAQ
What is CVE-2004-1078?
CVE-2004-1078 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote att...
How severe is CVE-2004-1078?
CVE-2004-1078 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1078?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Metaframe Client, Citrix Program Neighborhood Agent.