Citrix Program Neighborhood name buffer overflow

Added: 02/01/2006
CVE: CVE-2005-3652
BID: 15907
OSVDB: 21816


Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running on the client is the interface to the application.


A buffer overflow occurs when the Citrix Program Neighborhood client processes Application Set responses containing a long name value.


Upgrade to the fixed version referenced in Citrix document CTX108354.



Exploit requires user to start the Citrix Neighorhood Client, choose "Add ICA connection", select "TCP/IP" as the protocol, and click on the pull-down menu for applications names. Exploit works on Citrix Neighborhood client 9.0.


Windows 2000
Windows XP

Back to exploit index