Heap-based Buffer Overflow in Citrix MetaFrame Related to IMA Service
CVE-2006-5821
Currently unrated
Key Information:
- Vendor: Citrix
- CVE Published: 10 November 2006
Summary
A heap-based buffer overflow vulnerability exists in the IMA_SECURE_DecryptData1 function within the ImaSystem.dll component of Citrix MetaFrame and Presentation Server products. This flaw allows remote attackers to execute arbitrary code by sending specially crafted requests with invalid size values to the Independent Management Architecture (IMA) service (ImaSrv.exe). The overflow occurs during decryption and can compromise the integrity of systems running these Citrix products.
EPSS Score
9% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved