CVE-2010-2990 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix ICA Client FOR Linux

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources

Severity

9.3CRITICALNVD

EPSS

5.5%

top 9.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix ICA Client FOR Linux Citrix ICA Client FOR Solaris Citrix Online Plug-in FOR MAC FOR Xenapp Xendesktop +11 more

Timeline

PublishedAug 11

Latest updateMay 14

Description

Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages12 packages

▶NVDcitrix/online_plug-in10.0

▶NVDcitrix/ica_client11.0

▶citrixcitrix/xenapp

▶citrixcitrix/xendesktop

▶NVDcitrix/receiver11.0

Patches

Patch: support.citrix.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-ff9h-44c8-h9qm: Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11↗2022-05-14

▶

💥Exploits & PoCs

Exploit-DB

Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1)↗2010-09-20

▶

📋Vendor Advisories

Citrix

CVE-2010-2990: Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA C↗2010-08-11

▶

Citrix

Citrix Security Bulletin CTX125975↗

▶