Vulnerabilities > Citrix > Metaframe Presentation Server > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-18 | CVE-2008-2300 | Permissions, Privileges, and Access Controls vulnerability in Citrix products Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors. | 6.5 |
| 2008-01-18 | CVE-2008-0356 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Citrix products Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513. | 10.0 |
| 2007-01-24 | CVE-2007-0444 | Buffer Errors vulnerability in Citrix Metaframe and Metaframe Presentation Server Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions. | 7.2 |
| 2006-11-10 | CVE-2006-5861 | Denial-Of-Service vulnerability in Citrix Metaframe and Metaframe Presentation Server The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception. | 5.0 |
| 2006-11-10 | CVE-2006-5821 | Remote vulnerability in Citrix Metaframe and Metaframe Presentation Server Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption. | 7.5 |