Citrix Online Plug-in 11.2

Citrix Beta Online Plug-in Full version 11.2 – Overview August 10, 2009 November 5, 2019 Stephane Thirion Citrix, Receiver, Windows 7, XenApp Plugin Citrix ICA, Citrix Program Neighborhood, ICA Client, Online Plug-in, PNAgent.

  1. Citrix Online Plug-in Web can be installed on 32-bit and 64-bit versions of Windows XP/Vista/7/8/10. Our antivirus check shows that this download is safe. This free software is a product of Citrix Systems, Inc.
  2. Citrix online plug-in dv at UpdateStar More Citrix Online Plug-in 12.3.0.8. Citrix Online, a division of Citrix Systems, Inc.
  3. To Citrix for producing the most unintuitive install since MS-DOS 4 The second Wow! To Antonio Pereira for figuring out this workaround!
  4. Citrix Plug-in 11.2 released! RIP Program Neighborhood. Last month, I posted my findings on the beta releases of XenApp 4.5/5.0 HRP5 for Windows 2003 and the 11.2 Plug-in. Today, Citrix released the final Citrix XenApp Online Plug-In 11.2 (formally called XenApp client). See my previous post on more detail on the new features and changes this.
Modified

This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.

Current Description

Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a 'heap offset overflow' issue.

Citrix Online Plug-in 11.2

Analysis Description

Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a 'heap offset overflow' issue.

Citrix online plugin 11.2 for windows download

Severity

CVSS 3.x Severity and Metrics:

Citrix Online Plug-in 11.2 Inch

NIST:NVD
NVD score not yet provided.

NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.
Note: NVD Analysts have not published a CVSS score for this CVE at this time. NVD Analysts use publicly available information at the time of analysis to associate CVSS vector strings.
CVSS 2.0 Severity and Metrics:
Citrix Online Plug-in 11.2

Citrix Online Plug-in 11.22

NIST:NVD
Vector:HyperlinkResourcehttp://archives.neohapsis.com/archives/fulldisclosure/2010-08/0040.htmlhttp://support.citrix.com/article/CTX125975PatchVendor Advisoryhttp://www.securityfocus.com/archive/1/512861/100/0/threaded

Weakness Enumeration

CWE-IDCWE NameSource
CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferNIST

Known Affected Software Configurations Switch to CPE 2.2

Citrix Online Plug In 11.2 Download

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Citrix Online Plug-in 11.2 Download

Change History

2 change records found show changes

Comments are closed.