Integer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x prior to 9.3-57.5 and 10.0 prior to 10.0-69.4 allows remote malicious users to execute arbitrary code via a crafted Content-Length HTTP header, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix access gateway plug-in |
||
citrix access gateway plug-in 10.0 |