Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4676

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-4676
Last Modified 29 Oct 2012 11:18:01
Published 22 Oct 2008 06:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-4676

Summary

Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain.

Vulnerable Systems

Application

  • Citrix Access Essentials 1.0

  • Citrix Access Essentials 1.5

  • Citrix Access Essentials 2.0

  • Citrix Presentation Server 4.0

  • Citrix Xenapp 4.5


References

CONFIRM - http://support.citrix.com/article/CTX116310

XF - citrix-server-unspecified-priv-escalation(45507)

VUPEN - ADV-2008-2702

BID - 31484

SECUNIA - 32017

SECTRACK - 1020954


Last Updated: 27 May 2016 10:49:44