CVE-2006-6334
CVE-2006-6334
Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client before 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/5106unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://fortconsult.net/files/fortconsult.dk/citrix_advisory_dec2006.pdfhttp://secunia.com/advisories/23246http://securityreason.com/securityalert/1995http://securitytracker.com/id?1017343https://exchange.xforce.ibmcloud.com/vulnerabilities/30740http://support.citrix.com/article/CTX111827https://www.exploit-db.com/exploits/5106http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755http://www.kb.cert.org/vuls/id/210969http://www.securityfocus.com/archive/1/453760/100/0/threadedhttp://www.securityfocus.com/bid/21458http://www.tippingpoint.com/security/advisories/TSRT-06-15.html