PT-2006-6496 · Citrix · Imasrv.Exe+4

Eric Detoisien · Published 2006-11-10 · Updated 2018-10-17 · CVE-2006-5821

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Citrix MetaFrame XP versions 1.0 through 2.0; Citrix Presentation Server versions 3.0 through 4.0
Description: The issue is related to a heap-based buffer overflow in the IMA SECURE DecryptData1 function within ImaSystem.dll. This allows remote attackers to execute arbitrary code by sending requests to the Independent Management Architecture (IMA) service, specifically ImaSrv.exe, with invalid size values that trigger the overflow during the decryption process.
Recommendations: For Citrix MetaFrame XP versions 1.0 through 2.0 and Citrix Presentation Server versions 3.0 through 4.0, update to a version that includes a fix for the heap-based buffer overflow in the IMA SECURE DecryptData1 function. As a temporary workaround, consider restricting access to the IMA service (ImaSrv.exe) to minimize the risk of exploitation.


Related Identifiers

CVE-2006-5821

Affected Products

Citrix Metaframe
Citrix Metaframe Presentation Server
Citrix Presentation Server
Imasrv.Exe
Imasystem.Dll