What is CVE-2011-2882?

CVE-2011-2882 is a vulnerability in Citrix Access_gateway, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-07-21.

Is CVE-2011-2882 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Citrix Access_gateway

CVE-2011-2882

Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary co…

Vulnerability class: Buffer Overflow

EPSS: 0.758 (98.9th percentile) — read the EPSS interpretation.

Affected products

Citrix Access_gateway — versions 8.1, 9.0, 9.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

8358 (x_refsource_SREASON, third-party-advisory)
20110714 Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability (x_refsource_IDEFENSE, third-party-advisory)

Frequently asked questions

What is CVE-2011-2882?: CVE-2011-2882 is a vulnerability in Citrix Access_gateway, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-07-21.
Is CVE-2011-2882 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.