Arbitrary Code Execution Vulnerability in IMA

Wednesday, 16 January 2008 by Michel Roth

The IMA service in all versions of Presentation Server, Desktop Server and Access Essentials are vulnerable to a arbitrary code execution. Citrix has released Hotfix PSE400R04W2K3001 (and the other equivalents) to patch this vulnerability.

The IMA service is used by Citrix Presentation Server for inter-sever and management communications. Sending a specifically crafted packet could result in an internal buffer being overflowed. This could lead to execution of malicious code in the context of the IMA server process.

This vulnerability is present in all versions of Citrix MetaFrame and Presentation Server up to and including 4.5, Citrix Access Essentials and Citrix Desktop Server.

Read the Citrix advisory here.

Related Items:

Two Vulnerabilities In Presentation Server's IMA Service (9 November 2006)
Vulnerability In Citrix Presentations Server Session Reliability (23 May 2007)
Citrix Metaframe XP Unspecified Buffer Overflow Vulnerability (23 December 2004)
Citrix ICA Client ActiveX Control Heap Overflow Vulnerability (6 December 2006)
Hotfix PSE400R01W2K3044 - For Citrix Presentation Server 4.0 for Windows Server 2003 (31 March 2006)
Trend Micro Products AntiVirus Library Buffer Overflow (27 February 2005)
0-Day Microsoft Excel Unspecified Code Execution Vulnerability (19 June 2006)
Citrix Presentation Server Client Unspecified Code Execution (2 March 2007)
Citrix Program Neighborhood Agent Two Vulnerabilities (26 April 2005)
Vulnerability In Internet Explorer Could Allow Remote Code Execution (913333) (8 February 2006)

Comments (0)

Show/Hide comment form

Search

Related Items:

Our Newsletter

Stay Updated

Latest downloads

Latest Blog items