Vulnerabilities > Citrix > Critical
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2012-12-26 | CVE-2012-5161 | Remote Code Execution vulnerability in Citrix XenApp 6.5.0.0 | The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2012-10-26 | CVE-2012-4501 | Permissions, Privileges, and Access Controls vulnerability in multiple products | Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs. | 10.0 |
2011-07-21 | CVE-2011-2883 | Improper Input Validation vulnerability in Citrix Access Gateway 8.1/9.0/9.1 | The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 attempts to validate signed DLLs by checking the certificate subject, not the signature, which allows man-in-the-middle attackers to execute arbitrary code via HTTP header data referencing a DLL that was signed with a crafted certificate. | 9.3 |
2011-07-21 | CVE-2011-2882 | Buffer Errors vulnerability in Citrix Access Gateway 8.1/9.0/9.1 | Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data. | 9.3 |
2011-01-14 | CVE-2010-4566 | Unspecified vulnerability in Citrix Access Gateway | The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field. | 9.3 |
2010-08-11 | CVE-2010-2991 | Code Injection vulnerability in Citrix Online Plug-in for Windows for XenApp & XenDesktop 11.1 | The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document that triggers the reading of a .ICA file. | 9.3 |
2010-08-11 | CVE-2010-2990 | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Citrix products | Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue. | 9.3 |
2009-07-14 | CVE-2009-2452 | Security vulnerability in Citrix Licensing 11.5 | Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console." | 10.0 |
2008-06-03 | CVE-2008-2528 | Improper Authentication vulnerability in Citrix Access Gateway 4.5.5/4.5.6 | Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors. | 10.0 |
2008-01-18 | CVE-2008-0356 | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Citrix products | Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513. | 10.0 |