Citrix Metaframe for Windows NT 4.0 TSE 1.8 - Java ICA Environment Denial of Service

EDB-ID:

21703

CVE:



Type:

dos


Platform:

Windows

Date:

2002-08-11


source: https://www.securityfocus.com/bid/5439/info

Citrix Metaframe is a commercial available remote desktop application. This issue affects Metaframe on the Microsoft Windows platform.

It has been discovered that Metaframe can be made to become unstable. By connecting to the Metaframe server using custom-crafted Java ICA files, a remote user may be able to create instability in the Metaframe server. The server typically reacts to this vulnerability by disconnecting all users, and either crashing requiring a manual reboot, or crashing and rebooting.

Change the following value:

applet code="com.citrix.JICA.class" archive="jicaengn.jar" width="800"
height="600"

to:

applet code="com.citrix.JICA.class" archive="jicaengn.jar" width=100%
height=100%

Load in a browser, set the browser to full-screen mode, and refresh.