RSS   Vulnerabilities for 'Nfuse'   RSS

2005-12-03
 
CVE-2005-3971

 

 
Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

 
2002-08-12
 
CVE-2002-0504

 

 
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.

 
 
CVE-2002-0503

 

 
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.

 
 
CVE-2002-0502

CWE-Other
 

 
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.

 
2002-05-31
 
CVE-2002-0301

 

 
Citrix NFuse 1.6 allows remote attackers to bypass authentication and obtain sensitive information by directly calling launch.asp with invalid NFUSE_USER and NFUSE_PASSWORD parameters.

 
2001-10-18
 
CVE-2001-0760

 

 
Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field.

 

 >>> Vendor: Citrix 94 Products
Metaframe
Winframe
Nfuse
Ica client
Access essentials
Metaframe presentation server
Presentation server
Metaframe client
Program neighborhood agent
Metaframe password manager
Ica program neighborhood client
Metaframe secure access manager
Program neighborhood client
Access gateway
Presentation server client
Web interface
XEN
Endpoint analysis client
Netscaler
Edgesight for endpoints
Edgesight for netscaler
Edgesight for presentation server
Desktop server
Citrix presentation server
Xenserver
XP
Xenapp
Deterministic network enhancer
Broadcast server
Netscaler access gateway firmware
Secure gateway
Gateway
Licensing
Xencenterweb
Online plug-in for mac
Online plug-in for windows
Receiver for iphone
Secure mail
Ica client for linux
Ica client for solaris
Online plug-in for mac for xenapp & xendesktop
Online plug-in for windows for xenapp & xendesktop
Receiver for windows mobile
Licensing administration console
Provisioning services
Cloudstack
Xendesktop
Netscaler access gateway
Xenclient xt
Cloudportal services manager
Netscaler application delivery controller
Netscaler application delivery controller firmware
Gotomeeting
Xenmobile device manager
Xenmobile device manager mdm
Sharefile mobile
Sharefile mobile for tablets
Vdi-in-a-box
Cloudplatform
Access gateway plug-in
Xenmobile
Netscaler gateway firmware
Command center
Netscaler service delivery appliance service vm
Xenmobile server
Netscaler gateway 11.0 firmware
Ios receiver
Worx home
Xenmobile mdx toolkit
Linux virtual delivery agent
License server
License server vpx
Receiver desktop
Netscaler sd-wan
Netscaler gateway
Application delivery controller firmware
Sd-wan
Sharefile
Receiver
Appdna
Gateway firmware
Citrix sd-wan center
Netscaler sd-wan center
Sharefile storagezones controller
Workspace app
Gateway plug-in for linux
Workspace
Gateway plug-in
Virtual apps and desktops
Cloud connector
Sd-wan wanop
Application delivery management
Federated authentication service
Storefront server


Copyright 2024, cxsecurity.com

 

Back to Top