CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2592

Heap-based buffer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a long CSEC HTTP response header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.185

EPSS Ranking 94.9%

CVSS Severity

CVSS v2 Score 9.3

References

http://archives.neohapsis.com/archives/bugtraq/2012-08/0009.html
http://osvdb.org/show/osvdb/84433
http://secunia.com/secunia_research/2012-27
http://support.citrix.com/article/CTX134303
https://exchange.xforce.ibmcloud.com/vulnerabilities/77316
http://archives.neohapsis.com/archives/bugtraq/2012-08/0009.html
http://osvdb.org/show/osvdb/84433
http://secunia.com/secunia_research/2012-27
http://support.citrix.com/article/CTX134303
https://exchange.xforce.ibmcloud.com/vulnerabilities/77316

Products affected by CVE-2011-2592

Citrix » Access Gateway Plug-In » Version: 10.0

cpe:2.3:a:citrix:access_gateway_plug-in:10.0
Citrix » Access Gateway Plug-In » Version: 9.0

cpe:2.3:a:citrix:access_gateway_plug-in:9.0
Citrix » Access Gateway Plug-In » Version: 9.1

cpe:2.3:a:citrix:access_gateway_plug-in:9.1
Citrix » Access Gateway Plug-In » Version: 9.2

cpe:2.3:a:citrix:access_gateway_plug-in:9.2
Citrix » Access Gateway Plug-In » Version: 9.3

cpe:2.3:a:citrix:access_gateway_plug-in:9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2592

Products

Pricing

Contact Us