Vulnerabilities > CVE-2006-6334 - Unspecified vulnerability in Citrix Presentation Server Client
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN citrix
exploit available
Summary
Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client before 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Citrix Presentation Server Client WFICA.OCX ActiveX Heap BOF Exploit. CVE-2006-6334. Remote exploit for windows platform file exploits/windows/remote/5106.html id EDB-ID:5106 last seen 2016-01-31 modified 2008-02-12 platform windows port published 2008-02-12 reporter Elazar source https://www.exploit-db.com/download/5106/ title Citrix Presentation Server Client - WFICA.OCX ActiveX Heap BoF Exploit type remote description Citrix Presentation Server Client 9.200 WFICA.OCX ActiveX Component Heap Buffer Overflow Vulnerability. CVE-2006-6334. Remote exploit for windows platform id EDB-ID:29230 last seen 2016-02-03 modified 2006-12-06 published 2006-12-06 reporter Andrew Christensen source https://www.exploit-db.com/download/29230/ title Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow Vulnerability
Packetstorm
| data source | https://packetstormsecurity.com/files/download/63580/citrix-overflow.txt |
| id | PACKETSTORM:63580 |
| last seen | 2016-12-05 |
| published | 2008-02-13 |
| reporter | Elazar Broad |
| source | https://packetstormsecurity.com/files/63580/citrix-overflow.txt.html |
| title | citrix-overflow.txt |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:82752 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-82752 title Citrix Presentation Server Client 9.200 WFICA.OCX ActiveX Component Heap Buffer Overflow Vulnerability bulletinFamily exploit description No description provided by source. id SSV:65194 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-65194 title Citrix Presentation Server Client WFICA.OCX ActiveX - Heap BOF Exploit bulletinFamily exploit description No description provided by source. id SSV:8090 last seen 2017-11-19 modified 2008-02-14 published 2008-02-14 reporter Root source https://www.seebug.org/vuldb/ssvid-8090 title Citrix Presentation Server Client WFICA.OCX ActiveX Heap BOF Exploit
References
- http://www.tippingpoint.com/security/advisories/TSRT-06-15.html
- http://support.citrix.com/article/CTX111827
- http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755
- http://www.securityfocus.com/bid/21458
- http://securitytracker.com/id?1017343
- http://secunia.com/advisories/23246
- http://www.kb.cert.org/vuls/id/210969
- http://securityreason.com/securityalert/1995
- http://www.vupen.com/english/advisories/2006/4865
- http://fortconsult.net/files/fortconsult.dk/citrix_advisory_dec2006.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30740
- https://www.exploit-db.com/exploits/5106
- http://www.securityfocus.com/archive/1/453760/100/0/threaded