Memory Corruption Vulnerability in Citrix ICA Client for Windows
CVE-2010-2991
Currently unrated
Key Information:
- Vendor
- Citrix
- Vendor
- CVE Published:
- 11 August 2010
Summary
The vulnerability involves the IICAClient interface within the ICAClient library, specifically in the ICA Client ActiveX Object used in Citrix Online Plug-in for Windows. Attackers can exploit this flaw via a specially crafted HTML document that prompts the execution of a .ICA file, potentially leading to arbitrary code execution or causing a denial of service through memory corruption.
References
Timeline
Vulnerability Reserved
Vulnerability published