Vulnerability Description
Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Provisioning Services | 5.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/81664
- http://support.citrix.com/article/ctx133039Patch
- http://www.securitytracker.com/id?1027004
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avaiPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75311
- http://osvdb.org/81664
- http://support.citrix.com/article/ctx133039Patch
- http://www.securitytracker.com/id?1027004
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avaiPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75311
FAQ
What is CVE-2012-4068?
CVE-2012-4068 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associa...
How severe is CVE-2012-4068?
CVE-2012-4068 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4068?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Provisioning Services.