Vulnerability CVE-2007-4013
Published: 2007-07-25   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679.

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Mozilla -> Firefox 
Citrix -> Access gateway 
Citrix -> Endpoint analysis client 

 References:
http://www.securityfocus.com/bid/24975
http://support.citrix.com/article/CTX114028
http://support.citrix.com/article/CTX113815
http://secunia.com/advisories/26143
http://www.vupen.com/english/advisories/2007/2583
http://osvdb.org/37844
http://osvdb.org/37843
http://osvdb.org/37842
Copyright 2024, cxsecurity.com

 

Back to Top