{"api_version":"1","generated_at":"2026-04-23T06:19:19+00:00","cve":"CVE-2006-5821","urls":{"html":"https://cve.report/CVE-2006-5821","api":"https://cve.report/api/cve/CVE-2006-5821.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-5821","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-5821"},"summary":{"title":"CVE-2006-5821","description":"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-11-10 23:07:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://support.citrix.com/article/CTX111186","name":"http://support.citrix.com/article/CTX111186","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Vulnerabilities in Presentation Server's IMA Service could result in a Denial of Service or arbitrary code execution","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1017205","name":"http://securitytracker.com/id?1017205","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Citrix Presentation Server IMA Service Bugs Let Remote Users Execute Arbitrary Code and Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html","name":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"ZDI-06-038","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/22802","name":"http://secunia.com/advisories/22802","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Citrix Presentation Server IMA Service Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/4429","name":"http://www.vupen.com/english/advisories/2006/4429","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/20986","name":"http://www.securityfocus.com/bid/20986","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Citrix Presentation Server IMA Service Multiple Remote Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/451337/100/100/threaded","name":"http://www.securityfocus.com/archive/1/451337/100/100/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-5821","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-5821","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"5821","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"1.0","cpe7":"*","cpe8":"windows_2000","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"5821","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"3.0","cpe7":"*","cpe8":"microsoft_windows_2000","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"5821","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe_presentation_server","cpe6":"4.0","cpe7":"*","cpe8":"64-bit","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"5821","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe_presentation_server","cpe6":"4.0","cpe7":"*","cpe8":"microsoft_windows_2000","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"5821","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe_presentation_server","cpe6":"4.0","cpe7":"*","cpe8":"microsoft_windows_2003","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T20:04:55.520Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/451337/100/100/threaded"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"},{"name":"citrix-ima-management-bo(30148)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"},{"name":"1017205","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1017205"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.citrix.com/article/CTX111186"},{"name":"20986","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/20986"},{"name":"22802","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/22802"},{"name":"ADV-2006-4429","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/4429"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-11-09T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-17T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/451337/100/100/threaded"},{"tags":["x_refsource_MISC"],"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"},{"name":"citrix-ima-management-bo(30148)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"},{"name":"1017205","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1017205"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.citrix.com/article/CTX111186"},{"name":"20986","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/20986"},{"name":"22802","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/22802"},{"name":"ADV-2006-4429","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/4429"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-5821","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/451337/100/100/threaded"},{"name":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"},{"name":"citrix-ima-management-bo(30148)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"},{"name":"1017205","refsource":"SECTRACK","url":"http://securitytracker.com/id?1017205"},{"name":"http://support.citrix.com/article/CTX111186","refsource":"CONFIRM","url":"http://support.citrix.com/article/CTX111186"},{"name":"20986","refsource":"BID","url":"http://www.securityfocus.com/bid/20986"},{"name":"22802","refsource":"SECUNIA","url":"http://secunia.com/advisories/22802"},{"name":"ADV-2006-4429","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/4429"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-5821","datePublished":"2006-11-10T23:00:00.000Z","dateReserved":"2006-11-08T00:00:00.000Z","dateUpdated":"2024-08-07T20:04:55.520Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-11-10 23:07:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:1.0:*:windows_2000:*:*:*:*:*","matchCriteriaId":"A77E8839-8E33-45E8-B491-C5733C8AB884"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*","matchCriteriaId":"0C88F86F-F07D-4C17-B5D5-EC8F1A69A65A"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:64-bit:*:*:*:*:*","matchCriteriaId":"E0A76F02-1EB3-4925-B241-91331EAFDDE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2000:*:*:*:*:*","matchCriteriaId":"9565EB76-11A0-415F-943A-E9870F5F37D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2003:*:*:*:*:*","matchCriteriaId":"A015864E-AF0C-49CA-8961-9CAA830DAE8E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"5821","Ordinal":"1","Title":"CVE-2006-5821","CVE":"CVE-2006-5821","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"5821","Ordinal":"1","NoteData":"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.","Type":"Description","Title":"CVE-2006-5821"},{"CveYear":"2006","CveId":"5821","Ordinal":"2","NoteData":"2006-11-10","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"5821","Ordinal":"3","NoteData":"2018-10-17","Type":"Other","Title":"Modified"}]}}}