CVE-2007-0444

high

Description

Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.

References

http://www.zerodayinitiative.com/advisories/ZDI-07-006.html

http://www.vupen.com/english/advisories/2007/0328

http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c

http://www.securityfocus.com/bid/22217

http://www.securityfocus.com/archive/1/458002/100/0/threaded

http://support.citrix.com/article/CTX111686

http://securitytracker.com/id?1017553

http://secunia.com/advisories/23869

http://osvdb.org/32958

Details

Source: Mitre, NVD

Published: 2007-01-24

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.13884