CVSS: 9.3EPSS: 4%CPEs: 3EXPL: 0CVE-2012-4603
https://notcve.org/view.php?id=CVE-2012-4603
10 Jan 2020 — Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. Citrix XenApp Online Plug-in para Windows versión 12.1 y anteriores, y Citrix Receiver para Windows versión 3.2 y anteriores, podrían permitir a atacantes remotos ejecutar código arbitrario al convencer a un objetivo de que abra un archivo especialmente diseña... • http://www.securityfocus.com/bid/55518 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 3%CPEs: 2EXPL: 0CVE-2010-2991
https://notcve.org/view.php?id=CVE-2010-2991
11 Aug 2010 — The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document that triggers the reading of a .ICA file. El interfaz ICAClient en la librería ICAClient del componente ICA Client ActiveX Object (también conocido como ICO) en Citrix Online Plug-in para Windows para XenApp... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=875 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 2%CPEs: 5EXPL: 0CVE-2010-2990
https://notcve.org/view.php?id=CVE-2010-2990
11 Aug 2010 — Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue. Citrix Online Plug-in para Windo... • http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •