Vulnerability Note VU#210969
Citrix ICA Client ActiveX control buffer overflow
A vulnerability in an ActiveX control provided with the Citrix Presentation Server Client could allow a remote attacker to execute arbitrary code on an affected system.
The Citrix Presentation Server Client software provides an ActiveX control that can be used to integrate the client into Web pages. The Citrix ICA Client ActiveX control, which is provided by Wfica.ocx, contains a buffer overflow vulnerability in the SendChannelData() method.
Citrix notes that his vulnerability is present in all versions of the Citrix Presentation Server Client for Windows earlier than 9.230.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.
Disable the affected ActiveX control in Internet Explorer
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Citrix||Affected||-||04 Jan 2007|
CVSS Metrics (Learn More)
Thanks to Andrew Christensen of the FortConsult security research team for reporting this vulnerability. This issue was also independently reported by Aaron Portnoy of the TippingPoint Security Research Team.
This document was written by Chad R Dougherty.
- CVE IDs: CVE-2006-6334
- Date Public: 29 Nov 2006
- Date First Published: 04 Jan 2007
- Date Last Updated: 04 Jan 2007
- Document Revision: 11
If you have feedback, comments, or additional information about this vulnerability, please send us email.