Описание
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:citrix:access_gateway:8.1:*:enterprise:*:*:*:*:*
cpe:2.3:a:citrix:access_gateway:9.0:*:enterprise:*:*:*:*:*
cpe:2.3:a:citrix:access_gateway:9.1:*:enterprise:*:*:*:*:*
EPSS
Процентиль: 99%
0.76464
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.
EPSS
Процентиль: 99%
0.76464
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119