Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4068

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4068
Last Modified 28 Aug 2012 11:51:14
Published 26 Jul 2012 03:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4068

Summary

Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data.

Vulnerable Systems

Application

  • Citrix Provisioning Services 5.0

  • Citrix Provisioning Services 5.1

  • Citrix Provisioning Services 5.6

  • Citrix Provisioning Services 6.0

  • Citrix Provisioning Services 6.1


References

IDEFENSE - 20120501 Citrix Provisioning Services SoapServer Heap Buffer Overflow

CONFIRM - http://support.citrix.com/article/ctx133039

SECTRACK - 1027004

XF - citrix-provisioning-server-code-execution(75311)

OSVDB - 81664


Last Updated: 27 May 2016 10:55:01