HTTP: Citrix Presentation Server Client ActiveX Control Buffer Overflow Vulnerability
This signature detects attempts to exploit a known vulnerability against Citrix Presentation Server Client. An attacker can create a malicious Web page containing dangerous ActiveX calls, which if visited, can allow the attacker to gain control of the victim's system.
Extended Description
Citrix Presentation Server Client is prone to an unspecified remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. This may lead to remote unauthorized access. All versions prior to 10.0 for Microsoft Windows platforms are vulnerable.
Affected Products
Citrix presentation_server_client
Short Name
HTTP:STC:CLSID:ACTIVEX:CTX-ICA
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Buffer CVE-2007-1196 Citrix Client Control Overflow Presentation Server Vulnerability bid:22762
Release Date
03/01/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Citrix
CVSS Score
9.3