Buffer Overflow in Citrix Program Neighborhood Agent for Windows and MetaFrame Presentation Server
CVE-2004-1078

Currently unrated

Key Information:

Vendor: Citrix
Status: Metaframe Client; Program Neighborhood Agent
Vendor: CVE Published:; 26 April 2004

Summary

A stack-based buffer overflow vulnerability exists in the Citrix Program Neighborhood Agent for Win32 and MetaFrame Presentation Server for WinCE. An attacker can exploit this issue by sending a specially crafted cached icon filename through the InName XML element, allowing for arbitrary code execution on the victim's system. This can lead to unauthorized access to sensitive information and compromised security of the affected machines.

References

http://secunia.com/advisories/15108

third-party-advisoryx_refsource_SECUNIA

http://www.idefense.com/application/poi/display?id=238&ty...

third-party-advisoryx_refsource_IDEFENSE

http://support.citrix.com/kb/entry.jspa?externalID=CTX105650

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Nov 29, 2004
Vulnerability published
Apr 26, 2004