Computer Security
[EN] securityvulns.ru no-pyccku


Citrix Access Gateway Citrix EPA ActiveX code execution
Published:22.07.2007
Source:
SecurityVulns ID:7960
Type:client
Threat Level:
6/10
Description:ActiveX control allows to download and execute any executable module.
Affected:CITRIX : Access Gateway 4.5
CVE:CVE-2007-3679 (The Citrix EPA ActiveX control (aka the "endpoint checking control" or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system.)
Original documentdocumentSYMANTEC, SYMSA-2007-006: Citrix EPA ActiveX Control Design Flaw (22.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod