Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2006-6334

Published: 08/12/2006 Updated: 17/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Presentation Server Client

Vulnerability Summary

Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client prior to 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.

Vulnerable Product Search on Vulmon Subscribe to Product

citrix presentation server client

Exploits

Exploit DB: Citrix Presentation Server Client - 'WFICA.OCX' ActiveX Heap Buffer Overflow
<!-- Citrix Presentation Server Client WFICAOCX ActiveX Component Heap Buffer Overflow Exploit Vulnerability discovered by Andrew Christensen and Aaron Portnoy wwwsecurityfocuscom/bid/21458 cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2006-6334 written by eb Tested on Windows XP SP2(fully patched) English, IE6, wficaocx versio ...
Exploit DB: citrix-overflow.txt
Citrix Presentation Server Client WFICAOCX ActiveX component heap buffer overflow exploit ...

References

NVD-CWE-Otherhttp://www.tippingpoint.com/security/advisories/TSRT-06-15.htmlhttp://support.citrix.com/article/CTX111827http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755http://www.securityfocus.com/bid/21458http://securitytracker.com/id?1017343http://secunia.com/advisories/23246http://www.kb.cert.org/vuls/id/210969http://securityreason.com/securityalert/1995http://www.vupen.com/english/advisories/2006/4865http://fortconsult.net/files/fortconsult.dk/citrix_advisory_dec2006.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/30740https://www.exploit-db.com/exploits/5106http://www.securityfocus.com/archive/1/453760/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/5106/https://www.kb.cert.org/vuls/id/210969
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook