Stack-based buffer overflow vulnerability in NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise EditionID: oval:org.secpod.oval:def:1994 | Date: (C)2011-08-23 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in the application, which fails to validate user supplied input. Successful exploitation could allow attacker to execute arbitrary code or overflow the buffer.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Citrix Access Gateway |