Heap Offset Overflow Vulnerability in Citrix Online Plug-in and Receiver
CVE-2010-2990
Currently unrated
Key Information:
- Vendor
- Citrix
- Status
- Vendor
- CVE Published:
- 11 August 2010
Summary
The vulnerability in Citrix products allows remote attackers to execute arbitrary code by leveraging a heap offset overflow issue. This can occur through a maliciously crafted HTML document, .ICA file, or a specially designed type field in an ICA graphics packet. Users of Citrix Online Plug-in for Windows, Mac, ICA Client for Linux and Solaris, and Citrix Receiver for Windows Mobile are particularly at risk if they do not update to the latest versions.
References
EPSS Score
5% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved