What is CVE-2016-9176?

CVE-2016-9176 is a critical-severity vulnerability in Micro Focus Rumba 9.4, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 9.8/10. Published 2016-11-04.

How severe is CVE-2016-9176?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Buffer overflow in Micro Focus Rumba 9.4

CVE-2016-9176

Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code.

Vulnerability class: Buffer Overflow

EPSS: 0.019 (83.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Micro Focus Rumba 9.4 — versions Micro Focus Rumba 9.4
Microfocus Rumba

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

94236 (vdb-entry, x_refsource_BID)
security@opentext.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2016-9176?: CVE-2016-9176 is a critical-severity vulnerability in Micro Focus Rumba 9.4, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 9.8/10. Published 2016-11-04.
How severe is CVE-2016-9176?: Critical severity. CVSS v3 base score is 9.8 out of 10.