CVE-2011-2882

Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.

Published: Jul 22, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-2882
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
citrix / access_gateway	8.1	8.1.x
citrix / access_gateway	9.0	9.0.x
citrix / access_gateway	9.1	9.1.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=929
http://securityreason.com/securityalert/8358

Vulnerability Database

290,206

CVE-2011-2882