CSRF Vulnerability in Citrix Presentation Server and MetaFrame Server
CVE-2002-2426

Currently unrated

Key Information:

Vendor

Citrix
Status
Access Essentials
Metaframe Presentation Server
Presentation Server
Vendor
CVE Published:
31 December 2002

What is CVE-2002-2426?

A cross-site request forgery vulnerability exists in Citrix Presentation Server and related products that allows remote attackers to leverage the InitialProgram key in an ICA connection. By executing arbitrary published applications under the context of an authenticated user, attackers can potentially gain unauthorized access to sensitive data or execute unintended commands. This vulnerability impacts Citrix Presentation Server versions 4.0 and 4.5, along with MetaFrame Presentation Server 3.0, and Access Essentials versions 1.0 through 2.0. Users are advised to review the configurations and apply necessary security measures to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1018962
vdb-entryx_refsource_SECTRACK
http://packetstormsecurity.org/0210-exploits/hackingcitri...
x_refsource_MISC
http://support.citrix.com/article/CTX115245
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.