The host is installed with Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in the application, which fails to validate user supplied input. Successful exploitation could allow attacker to execute arbitrary code or overflow the buffer.