admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-36xx/CVE-2007-3679.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

141 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-3679",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-07-25T17:30:00.000",
"lastModified": "2018-10-15T21:29:49.287",
"vulnStatus": "Modified",
"cveTags": [],
"evaluatorComment": "User must be logged in.",
"descriptions": [
{
"lang": "en",
"value": "The Citrix EPA ActiveX control (aka the \"endpoint checking control\" or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system."
},
{
"lang": "es",
"value": "El control ActiveX Citrix EPA (tambi\u00e9n conocido como el \"endpoint checking control\" \u00f3 Objeto CCAOControl) versiones anteriores a 4.5.0.0 en npCtxCAO.dll de Citrix Access Gateway Standard Edition versiones anteriores a 4.5.5 y Advanced Edition versiones anteriores a 4.5 HF1, permite a atacantes remotos descargar y ejecutar programas de su elecci\u00f3n en un sistema cliente."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:access_gateway:*:hf1:advanced:*:*:*:*:*",
"versionEndIncluding": "4.5",
"matchCriteriaId": "7A132506-353D-4128-82A2-46DBC000B753"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*",
"versionEndIncluding": "4.5.5",
"matchCriteriaId": "47ABB5D2-79BD-48AC-877E-E671C7408362"
}
]
}
]
}
],
"references": [
{
"url": "http://osvdb.org/37845",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/26143",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/2916",
"source": "cve@mitre.org"
},
{
"url": "http://support.citrix.com/article/CTX113815",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://support.citrix.com/article/CTX114028",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.securityfocus.com/archive/1/474204/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/24865",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/24975",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-006.txt",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2583",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35511",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink