Heap Offset Overflow Vulnerability in Citrix Online Plug-in and Receiver
CVE-2010-2990

Currently unrated

Summary

The vulnerability in Citrix products allows remote attackers to execute arbitrary code by leveraging a heap offset overflow issue. This can occur through a maliciously crafted HTML document, .ICA file, or a specially designed type field in an ICA graphics packet. Users of Citrix Online Plug-in for Windows, Mac, ICA Client for Linux and Solaris, and Citrix Receiver for Windows Mobile are particularly at risk if they do not update to the latest versions.

References

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.