ID CVE-2007-4013
Summary Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679. Access Gateway is software offered also as an appliance.
References
Vulnerable Configurations
  • cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*
    cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*
  • cpe:2.3:a:citrix:access_gateway:4.5:hf1:advanced:*:*:*:*:*
    cpe:2.3:a:citrix:access_gateway:4.5:hf1:advanced:*:*:*:*:*
  • cpe:2.3:a:citrix:endpoint_analysis_client:*:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:endpoint_analysis_client:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 08-03-2011 - 02:57)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 24975
confirm
osvdb
  • 37842
  • 37843
  • 37844
secunia 26143
vupen ADV-2007-2583
Last major update 08-03-2011 - 02:57
Published 26-07-2007 - 01:30
Last modified 08-03-2011 - 02:57
Back to Top