Citrix Access Gateway Plug-In vulnerabilities
2 known vulnerabilities affecting citrix/access_gateway_plug-in.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2011-2593MEDIUMCVSS 6.8≤ 9.3v10.02014-08-12
CVE-2011-2593 [MEDIUM] CWE-189 CVE-2011-2593: Integer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access
Integer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a crafted Content-Length HTTP header, which triggers a heap-based buffer overflow.
nvd
CVE-2011-2592CRITICALCVSS 9.3v9.0v9.1+3 more2014-06-18
CVE-2011-2592 [CRITICAL] CWE-119 CVE-2011-2592: Heap-based buffer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Cit
Heap-based buffer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a long CSEC HTTP response header.
nvd