Vulnerabilities > CVE-2007-4013 - Remote vulnerability in Citrix Access Gateway Standard and Advanced Edition

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

citrix

mozilla

critical

NVD

Published: 2007-07-26

Updated: 2011-03-08

Summary

Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679. Access Gateway is software offered also as an appliance.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix Access Gateway * Citrix Access Gateway 4.5 Citrix Endpoint Analysis Client *	3
Application	Mozilla Mozilla Firefox *	1

Summary

Vulnerable Configurations

References