Lucene search
SAINT CorporationSAINT:DBD96DD8ACAE7113FBFBA9C5F9D0B88BHistorySep 13, 2011 - 12:00 a.m.
Citrix Access Gateway NESPA ActiveX Control
2011-09-1300:00:00
SAINT Corporation
www.saintcorporation.com
8
0.964 High
EPSS
Percentile
99.6%
Added: 09/13/2011
CVE: CVE-2011-2882
BID: 48676
OSVDB: 74191
Background
Citrix Access Gateway is an application remote-access solution.
Problem
The Citrix Access Gateway installs an ActiveX plug-in on the user’s browser. Plug-in versions 8.1-67.7, 9.0-70.5, and 9.1-96.4 are vulnerable to a stack overflow.
Resolution
Upgrade the plug-in to the latest version.
References
<http://support.citrix.com/article/CTX129902>
Limitations
This exploit has been tested against Citrix Systems Access Gateway Plug-in for Windows 8.0.59.1 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 (DEP OptIn).
Platforms
Windows
Related
seebug
seebug
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
2014-07-01 00:00:00
cvelist
cvelist
CVE-2011-2882
2011-07-21 23:00:00
checkpoint_advisories
checkpoint_advisories
Citrix Access Gateway Plug-in ActiveX Code Execution (CVE-2011-2882)
2011-12-20 00:00:00
metasploit
metasploit
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
2011-08-30 22:22:32
saint
saint
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
prion
prion
Stack overflow
2011-07-21 23:55:00
packetstorm
packetstorm
Citrix Gateway ActiveX Control Stack Based Buffer Overflow
2011-08-31 00:00:00
nvd
nvd
CVE-2011-2882
2011-07-21 23:55:04
cve
cve
CVE-2011-2882
2011-07-21 23:55:04
exploitdb
exploitdb
Citrix Gateway - ActiveX Control Stack Buffer Overflow (Metasploit)
2011-08-31 00:00:00
nessus
nessus