CVE-2007-4013

critical

Description

Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679.

References

http://www.vupen.com/english/advisories/2007/2583

http://www.securityfocus.com/bid/24975

http://support.citrix.com/article/CTX114028

http://support.citrix.com/article/CTX113815

http://secunia.com/advisories/26143

http://osvdb.org/37844

http://osvdb.org/37843

http://osvdb.org/37842

Details

Source: Mitre, NVD

Published: 2007-07-26

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0117