CVE-2006-6334

Currently unrated

Key Information:

Vendor: Citrix
Status: Presentation Server Client
Vendor: CVE Published:; 8 December 2006

Summary

Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client before 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.

References

http://secunia.com/advisories/23246

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/1995

third-party-advisoryx_refsource_SREASON

http://www.vupen.com/english/advisories/2006/4865

vdb-entryx_refsource_VUPEN

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 8, 2006
Vulnerability Reserved
Dec 6, 2006