VDB
CVE-2006-6334
CVE-2006-6334
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Server Client before 9.230 for Windows allows remote malicious web sites to execute arbitrary code via a DataSize parameter that is less than the length of the Data buffer.
EPSS 20.50% · 95.7th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
20.50%
95.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| citrix | presentation_server_client | 0 |
| n/a | n/a | n/a |
Timeline
- Dec 8, 2006 CVE Published
- Feb 12, 2008 PoC Published
- Jul 30, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 5106 exploit
- 23246 third-party-advisory
- 1995 third-party-advisory
- ADV-2006-4865 vdb
- citrix-wfica-bo(30740) vdb
- 21458 vdb
- VU#210969 third-party-advisory
- http://www.tippingpoint.com/security/advisories/TSRT-06-15.html url
- http://support.citrix.com/article/CTX111827 url
- http://fortconsult.net/files/fortconsult.dk/citrix_advisory_dec2006.pdf url
- 1017343 vdb
- http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755 url
- 20061207 TSRT-06-15: Citrix Presentation Server Client ActiveX Heap Overflow Vulnerability mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2006-6334 advisory