CVE-2005-3134

Published: Oct 4, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

Affected (2)

Products: Citrix: Metaframe

Citrix

1 product

Metaframe

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Citrix Metaframe	Version 3.0
Citrix Metaframe	Version 4.0

References (14)

http://marc.info/?l=bugtraq&m=112811189420696&w=2

Source: cve@mitre.org

http://secunia.com/advisories/17032/

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/39

Source: cve@mitre.org

http://securitytracker.com/id?1014994

Source: cve@mitre.org

http://support.citrix.com/kb/entry%21default.jspa?categoryID=275&externalID=CTX107705

Source: cve@mitre.org

http://www.grupoitpro.com.ar/ctxpoliciesbypass.txt

Source: cve@mitre.org

ExploitVendor Advisory

http://www.securityfocus.com/bid/14989

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=112811189420696&w=2