CVE-2011-2882

Currently unrated

Key Information:

Vendor
Citrix
Status
Access Gateway
Vendor
CVE Published:
21 July 2011

Summary

Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.

References

http://securityreason.com/securityalert/8358
third-party-advisoryx_refsource_SREASON
http://labs.idefense.com/intelligence/vulnerabilities/dis...
third-party-advisoryx_refsource_IDEFENSE

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.