CVE-2008-5107
Citrix Presentation Server 4.5 and Desktop Server 1.0 - Sensitive Information Exposure via MSI Log Files
Title source: llmDescription
The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX116228
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0705/references
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28047
Scores
EPSS
0.0010
EPSS Percentile
27.6%
Details
CWE
CWE-200
Status
published
Products (2)
citrix/desktop_server
1.0
citrix/presentation_server
4.5
Published
Nov 17, 2008
Tracked Since
Feb 18, 2026