NVD

Id
9337  
Name
CVE-2011-2593  
Description
Integer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a crafted Content-Length HTTP header, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2014-08-12  
Modified Date
2014-08-14  
Seq
2011-2593  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
53401 9337 CVE-2011-2593 http://support.citrix.com/article/CTX134303  View
53402 9337 CVE-2011-2593 citrix-activex-bo(77317)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35096 JVNDB-2011-005338 Citrix Access Gateway Enterprise Edition Plug-in for Windows の nsepacom ActiveX コントロールの StartEpa メソッドにおける整数オーバーフローの脆弱性 Citrix Access Gateway Enterprise Edition Plug-in for Windows の nsepacom ActiveX コントロール (nsepa.exe) の StartEpa メソッドには、整数オーバーフローの脆弱性が存在します。 CVE-2011-2593 50500 CVE-2011-2593 9337 6.8 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005338.html 2011-07-19 2014-08-14 View