CVE-2016-9176Improper Restriction of Operations within the Bounds of a Memory Buffer in Rumba

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
9.8CRITICALNVD
EPSS
1.9%
top 16.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microfocus RumbaMicro Focus Rumba 9.4
Timeline
PublishedNov 4
Latest updateMay 17

Description

Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDmicrofocus/rumba9.4.0
CVEListV5micro_focus/micro_focus_rumba_9.4Micro Focus Rumba 9.4

🔴Vulnerability Details

1
GHSA
GHSA-hx97-fgxc-2h4w: Stack buffer overflow in the send2022-05-17