CVE-2006-5821
Published 2006-11-10
CVE-2006-5821: Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0…
Priority: P341 · high · 7.5 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 5.19% (91.4th percentile)
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | metaframe | — | — |
| citrix | metaframe | — | — |
| citrix | metaframe_presentation_server | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
Citrix
Citrix Security Bulletin CTX111186
vendor_citrix·CVSS 7.5
CVE-2006-5821 [HIGH] Citrix Security Bulletin CTX111186
CVE References: CVE-2006-5821, CVE-2006-5861, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-qqw2-f4rr-7m6p: Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem
ghsa_unreviewed·2022-05-01
CVE-2006-5821 [HIGH] GHSA-qqw2-f4rr-7m6p: Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://secunia.com/advisories/22802
http://securitytracker.com/id?1017205
http://support.citrix.com/article/CTX111186
http://www.securityfocus.com/archive/1/451337/100/100/threaded
http://www.securityfocus.com/bid/20986
http://www.vupen.com/english/advisories/2006/4429
http://www.zerodayinitiative.com/advisories/ZDI-06-038.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/30148