The host is installed with Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in the application, which fails to validate user supplied input. Successful exploitation could allow attacker to execute arbitrary co ...