Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3971

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3971
Last Modified 07 Mar 2011 09:27:27
Published 03 Dec 2005 02:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3971

Summary

Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

Vulnerable Systems

Application

  • Citrix Metaframe Secure Access Manager 2.0

  • Citrix Metaframe Secure Access Manager 2.1

  • Citrix Metaframe Secure Access Manager 2.2

  • Citrix Nfuse 1.0


References

BID - 15664

CONFIRM - http://support.citrix.com/article/CTX108208

SECUNIA - 17819

VUPEN - ADV-2005-2676

XF - citrix-login-xss(23396)

SECTRACK - 1015305

SECTRACK - 1015304


Last Updated: 27 May 2016 10:41:08