CVE-2016-9176

{"id": "CVE-2016-9176", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-11-04T00:59:00.167", "references": [{"url": "http://www.securityfocus.com/bid/94236", "source": "security@opentext.com"}, {"url": "https://www.exploit-db.com/exploits/40648/", "source": "security@opentext.com"}, {"url": "http://www.securityfocus.com/bid/94236", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/40648/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en pila en los componentes send.exe y receive.exe de Micro Focus Rumba 9.4 y versiones anteriores podr\u00eda ser usado por atacantes locales o atacantes capaces de inyectar argumentos a esos binarios para ejecutar c\u00f3digo."}], "lastModified": "2024-11-21T03:00:44.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:rumba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D41E6025-5301-4CA0-9C1E-AAD27702C6DB", "versionEndIncluding": "9.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}