CVE-2008-5107

The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.

Published: Nov 17, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5107
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
citrix / desktop_server	1.0	1.0.x
citrix / presentation_server	4.5	4.5.x

http://support.citrix.com/article/CTX116228
http://www.securityfocus.com/bid/28047
http://www.vupen.com/english/advisories/2008/0705/references

Vulnerability Database

290,278

CVE-2008-5107