CVE-2007-0444: Buffer Overflow
First published: Wed Jan 24 2007(Updated: )
Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Citrix MetaFrame Presentation Server | =4.0 | |
| Citrix MetaFrame Presentation Server | =3.0 | |
| Citrix MetaFrame | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.zerodayinitiative.com/advisories/ZDI-07-006.html
- http://support.citrix.com/article/CTX111686
- http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c
- http://www.securityfocus.com/bid/22217
- http://securitytracker.com/id?1017553
- http://secunia.com/advisories/23869
- http://osvdb.org/32958
- http://www.vupen.com/english/advisories/2007/0328
- http://www.securityfocus.com/archive/1/458002/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/citrix
- canonical/citrix metaframe presentation server
- version/citrix metaframe presentation server/4.0
- version/citrix metaframe presentation server/3.0
- canonical/citrix metaframe
- version/citrix metaframe/1.0