Vulnerabilities > CVE-2005-3652 - Buffer Overflow vulnerability in Citrix ICA Program Neighborhood Client 9.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

citrix

NVD

Published: 2005-12-16

Updated: 2011-03-08

Summary

Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix ICA Program Neighborhood Client 9.1	1

Saint

bid	15907
description	Citrix Program Neighborhood name buffer overflow
id	misc_citrixagent
osvdb	21816
title	citrix_program_neighborhood_name
type	client

References

http://secunia.com/advisories/18068
http://securityreason.com/securityalert/266
http://securitytracker.com/id?1015373
http://support.citrix.com/kb/entry.jspa?externalID=CTX108354
http://www.idefense.com/application/poi/display?id=357&type=vulnerabilities
http://www.osvdb.org/21816
http://www.securityfocus.com/bid/15907
http://www.vupen.com/english/advisories/2005/2944