What is CVE-2016-20040?

CVE-2016-20040 is a high-severity vulnerability in Ticalc Texas Instrument Emulator, classified under Path Traversal. CVSS score: 8.4/10. Published 2026-03-28.

How severe is CVE-2016-20040?

High severity. CVSS v3 base score is 8.4 out of 10.

Path Traversal in Ticalc Texas Instrument Emulator

CVE-2016-20040

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu com…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (7.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ticalc Texas Instrument Emulator — versions 3.03

Weakness classification (CWE)

CWE-22 — Path Traversal

References

ExploitDB-39692 (exploit)
Official Product Homepage (product)
VulnCheck Advisory: TiEmu 3.03-nogdb+dfsg-3 Buffer Overflow via ROM Parameter (third-party-advisory)

Frequently asked questions

What is CVE-2016-20040?: CVE-2016-20040 is a high-severity vulnerability in Ticalc Texas Instrument Emulator, classified under Path Traversal. CVSS score: 8.4/10. Published 2026-03-28.
How severe is CVE-2016-20040?: High severity. CVSS v3 base score is 8.4 out of 10.