{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-17T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20080117 ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/486585/100/0/threaded"}, {"name": "28508", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28508"}, {"name": "ADV-2008-0172", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0172"}, {"name": "VU#412228", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/412228"}, {"name": "1019231", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019231"}, {"name": "27329", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27329"}, {"tags": ["x_refsource_MISC"], "url": "http://zerodayinitiative.com/advisories/ZDI-08-002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.citrix.com/article/CTX114487"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0356", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20080117 ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/486585/100/0/threaded"}, {"name": "28508", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28508"}, {"name": "ADV-2008-0172", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0172"}, {"name": "VU#412228", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/412228"}, {"name": "1019231", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019231"}, {"name": "27329", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27329"}, {"name": "http://zerodayinitiative.com/advisories/ZDI-08-002.html", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-08-002.html"}, {"name": "http://support.citrix.com/article/CTX114487", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX114487"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:39:35.209Z"}, "title": "CVE Program Container", "references": [{"name": "20080117 ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/486585/100/0/threaded"}, {"name": "28508", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28508"}, {"name": "ADV-2008-0172", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0172"}, {"name": "VU#412228", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/412228"}, {"name": "1019231", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019231"}, {"name": "27329", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27329"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://zerodayinitiative.com/advisories/ZDI-08-002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.citrix.com/article/CTX114487"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0356", "datePublished": "2008-01-18T21:00:00", "dateReserved": "2008-01-18T00:00:00", "dateUpdated": "2024-08-07T07:39:35.209Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*", "matchCriteriaId": "96365CE2-22BF-408E-939F-22FFABF63061", "versionEndIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08AEEC3F-E8DD-4535-98D2-4CFD83439A69", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:metaframe_presentation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "B612D535-0FED-49B5-85B7-7B33CC1EF320", "versionEndIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:presentation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B22EE40-B6D5-4A1D-B6F5-48E14FB189AD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el servicio Independent Management Architecture (IMA) de Citrix Presentation Server (MetaFrame Presentation Server) 4.5 y versiones anteriores, Access Essentials 2.0 y versiones anteriores, y Desktop Server 1.0 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un valor de tama\u00f1o inv\u00e1lido en un paquete al puerto TCP 2512 \u00f3 2513."}], "id": "CVE-2008-0356", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-18T22:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28508"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://support.citrix.com/article/CTX114487"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/412228"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/486585/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/27329"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019231"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0172"}, {"source": "cve@mitre.org", "url": "http://zerodayinitiative.com/advisories/ZDI-08-002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28508"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://support.citrix.com/article/CTX114487"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/412228"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/486585/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27329"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019231"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://zerodayinitiative.com/advisories/ZDI-08-002.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}