CVE-2007-0444

Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.

Published: Jan 24, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-0444
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
citrix / metaframe_presentation_server	4.0	4.0.x
citrix / metaframe_presentation_server	3.0	3.0.x
citrix / metaframe	1.0	1.0.x

http://osvdb.org/32958
http://secunia.com/advisories/23869
http://securitytracker.com/id?1017553
http://support.citrix.com/article/CTX111686
http://www.securityfocus.com/archive/1/458002/100/0/threaded
http://www.securityfocus.com/bid/22217
http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c
http://www.vupen.com/english/advisories/2007/0328
http://www.zerodayinitiative.com/advisories/ZDI-07-006.html

Vulnerability Database

290,273

CVE-2007-0444