Vulnerabilities > Citrix > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-03 | CVE-2008-2528 | Improper Authentication vulnerability in Citrix Access Gateway 4.5.5/4.5.6 Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors. | 10.0 |
| 2008-01-18 | CVE-2008-0356 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Citrix products Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513. | 10.0 |
| 2007-07-26 | CVE-2007-4013 | Remote vulnerability in Citrix Access Gateway Standard and Advanced Edition Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. | 9.3 |
| 2007-05-24 | CVE-2007-2850 | Security Bypass vulnerability in MetaFrame The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string. | 10.0 |
| 2007-03-02 | CVE-2007-1196 | Remote Code Execution vulnerability in Citrix Presentation Server Client Unspecified vulnerability in Citrix Presentation Server Client for Windows before 10.0 allows remote web sites to execute arbitrary code via unspecified vectors, related to the implementation of ICA connectivity through proxy servers. | 9.3 |