- Home
- CVEs with nessus.description==The Citrix Access Gateway ActiveX control for Citrix Access Gateway Enterprise Edition is installed on the remote Windows host. It is the ActiveX component of the Citrix Access Gateway Plug-in for Windows and provides an SSL-based VPN via a web browser.
The installed version of this control is affected by the following vulnerabilities that could lead to arbitrary code execution :
- The control loads a dynamic link library (DLL) when processing HTTP header data from the Access Gateway server without properly ensuring that the DLL has a valid signature. (ZDI 928)
- The control copies HTTP header data from the Access Gateway server into a fixed-size stack buffer without verifying the size of the data, which could result in a buffer overflow. (ZDI 929)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top