Unrated severityNVD Advisory· Published Nov 10, 2006· Updated Jun 16, 2026
CVE-2006-5821
CVE-2006-5821
Description
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:citrix:metaframe:1.0:*:windows_2000:*:*:*:*:*+ 2 more
- cpe:2.3:a:citrix:metaframe:1.0:*:windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*
- (no CPE)range: 1.0, 2.0
cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:64-bit:*:*:*:*:*+ 2 more
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:64-bit:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2000:*:*:*:*:*
- cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2003:*:*:*:*:*
- Range: 3.0, 4.0
Patches
Vulnerability mechanics
References
8- support.citrix.com/article/CTX111186nvdPatch
- secunia.com/advisories/22802nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/451337/100/100/threadednvd
- www.securityfocus.com/bid/20986nvd
- www.vupen.com/english/advisories/2006/4429nvd
- www.zerodayinitiative.com/advisories/ZDI-06-038.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30148nvd
News mentions
0No linked articles in our index yet.