9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.6%
Added: 09/13/2011
CVE: CVE-2011-2882
BID: 48676
OSVDB: 74191
Citrix Access Gateway is an application remote-access solution.
The Citrix Access Gateway installs an ActiveX plug-in on the user’s browser. Plug-in versions 8.1-67.7, 9.0-70.5, and 9.1-96.4 are vulnerable to a stack overflow.
Upgrade the plug-in to the latest version.
<http://support.citrix.com/article/CTX129902>
This exploit has been tested against Citrix Systems Access Gateway Plug-in for Windows 8.0.59.1 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 (DEP OptIn).
Windows