Memory Corruption Vulnerability in Citrix ICA Client for Windows
CVE-2010-2991

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
11 August 2010

Summary

The vulnerability involves the IICAClient interface within the ICAClient library, specifically in the ICA Client ActiveX Object used in Citrix Online Plug-in for Windows. Attackers can exploit this flaw via a specially crafted HTML document that prompts the execution of a .ICA file, potentially leading to arbitrary code execution or causing a denial of service through memory corruption.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.