Signature Detail
Short Name |
HTTP:STC:CLSID:ACTIVEX:CTX-ICA |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Citrix Presentation Server Client ActiveX Control Buffer Overflow Vulnerability |
Release Date |
2007/03/01 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Citrix Presentation Server Client ActiveX Control Buffer Overflow Vulnerability
This signature detects attempts to exploit a known vulnerability against Citrix Presentation Server Client. An attacker can create a malicious Web page containing dangerous ActiveX calls, which if visited, can allow the attacker to gain control of the victim's system.
Extended Description
Citrix Presentation Server Client is prone to an unspecified remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. This may lead to remote unauthorized access. All versions prior to 10.0 for Microsoft Windows platforms are vulnerable.
Affected Products
- Citrix Presentation Server Client 9.200
- Citrix Presentation Server Client 9.230
References
- BugTraq: 22762
- CVE: CVE-2007-1196
- URL: http://support.citrix.com/article/CTX112589