4 results (0.005 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 2

Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field. • http://securitytracker.com/id?1015372 http://support.citrix.com/article/CTX108108 •

CVSS: 7.5EPSS: 23%CPEs: 1EXPL: 0

Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response. • http://secunia.com/advisories/18068 http://securityreason.com/securityalert/266 http://securitytracker.com/id?1015373 http://support.citrix.com/kb/entry.jspa?externalID=CTX108354 http://www.idefense.com/application/poi/display?id=357&type=vulnerabilities http://www.osvdb.org/21816 http://www.securityfocus.com/bid/15907 http://www.vupen.com/english/advisories/2005/2944 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive. • http://secunia.com/advisories/15108 http://support.citrix.com/kb/entry.jspa?externalID=CTX105650 http://www.idefense.com/application/poi/display?id=237&type=vulnerabilities •

CVSS: 7.5EPSS: 10%CPEs: 2EXPL: 0

Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element. • http://secunia.com/advisories/15108 http://support.citrix.com/kb/entry.jspa?externalID=CTX105650 http://www.idefense.com/application/poi/display?id=238&type=vulnerabilities •