Lucene search
SAINT CorporationSAINT:DBD96DD8ACAE7113FBFBA9C5F9D0B88BHistorySep 13, 2011 - 12:00 a.m.
Citrix Access Gateway NESPA ActiveX Control
2011-09-1300:00:00
SAINT Corporation
www.saintcorporation.com
8
0.96 High
EPSS
Percentile
99.5%
Added: 09/13/2011
CVE: CVE-2011-2882
BID: 48676
OSVDB: 74191
Background
Citrix Access Gateway is an application remote-access solution.
Problem
The Citrix Access Gateway installs an ActiveX plug-in on the user’s browser. Plug-in versions 8.1-67.7, 9.0-70.5, and 9.1-96.4 are vulnerable to a stack overflow.
Resolution
Upgrade the plug-in to the latest version.
References
<http://support.citrix.com/article/CTX129902>
Limitations
This exploit has been tested against Citrix Systems Access Gateway Plug-in for Windows 8.0.59.1 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 (DEP OptIn).
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
Citrix Access Gateway Plug-in ActiveX Code Execution (CVE-2011-2882)
2011-12-20 00:00:00
metasploit
metasploit
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
2011-08-30 22:22:32
seebug
seebug
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
2014-07-01 00:00:00
cvelist
cvelist
CVE-2011-2882
2011-07-21 23:00:00
cve
cve
CVE-2011-2882
2011-07-21 23:55:04
packetstorm
packetstorm
Citrix Gateway ActiveX Control Stack Based Buffer Overflow
2011-08-31 00:00:00
saint
saint
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
Citrix Access Gateway NESPA ActiveX Control
2011-09-13 00:00:00
nvd
nvd
CVE-2011-2882
2011-07-21 23:55:04
prion
prion
Stack overflow
2011-07-21 23:55:00
exploitdb
exploitdb
Citrix Gateway - ActiveX Control Stack Buffer Overflow (Metasploit)
2011-08-31 00:00:00
nessus
nessus