Added: 09/13/2011
CVE: CVE-2011-2882
BID: 48676
OSVDB: 74191
Citrix Access Gateway is an application remote-access solution.
The Citrix Access Gateway installs an ActiveX plug-in on the user’s browser. Plug-in versions 8.1-67.7, 9.0-70.5, and 9.1-96.4 are vulnerable to a stack overflow.
Upgrade the plug-in to the latest version.
<http://support.citrix.com/article/CTX129902>
This exploit has been tested against Citrix Systems Access Gateway Plug-in for Windows 8.0.59.1 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 (DEP OptIn).
Windows