Vulnerability Details : CVE-2006-5821
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.
Vulnerability category: OverflowExecute code
Products affected by CVE-2006-5821
- cpe:2.3:a:citrix:metaframe:1.0:*:windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:64-bit:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2003:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-5821
9.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-5821
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-5821
-
http://www.zerodayinitiative.com/advisories/ZDI-06-038.html
ZDI-06-038 | Zero Day Initiative
-
http://support.citrix.com/article/CTX111186
Citrix Secure Sign InPatch
-
http://www.securityfocus.com/bid/20986
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30148
-
http://secunia.com/advisories/22802
-
http://securitytracker.com/id?1017205
-
http://www.vupen.com/english/advisories/2006/4429
-
http://www.securityfocus.com/archive/1/451337/100/100/threaded
Jump to