Stack-based Buffer Overflow in Citrix Access Gateway ActiveX Control
CVE-2011-2882

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
21 July 2011

Summary

A stack-based buffer overflow vulnerability exists in the NSEPA.NsepaCtrl.1 ActiveX control included in Citrix Access Gateway Enterprise Edition. This flaw allows remote attackers to exploit crafted HTTP header data to execute arbitrary code on affected systems. Key versions susceptible to this vulnerability include notable releases prior to specific build numbers, emphasizing the necessity for timely updates to safeguard against potential exploitation.

References

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.