Citrix : Security Vulnerabilities, CVEs, Published In 2011 (Overflow)
CVE-2011-2882
Public exploit
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.
Max CVSS
9.3
EPSS Score
96.37%
Published
2011-07-21
Updated
2011-09-22
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
Max CVSS
6.9
EPSS Score
0.04%
Published
2011-08-12
Updated
2011-08-24
2 vulnerabilities found