fkie_cve-2016-1606
Vulnerability from fkie_nvd
Published
2016-07-03 01:59
Modified
2025-04-12 10:46
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client.
References
security@opentext.comhttp://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28601.rumba-9-4-stack-buffer-overflow-vulnerabilities.aspx
security@opentext.comhttp://www.securityfocus.com/bid/91548
security@opentext.comhttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5327.php
security@opentext.comhttps://cxsecurity.com/issue/WLB-2016050136
af854a3a-2127-422b-91ae-364da2661108http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28601.rumba-9-4-stack-buffer-overflow-vulnerabilities.aspx
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91548
af854a3a-2127-422b-91ae-364da2661108http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5327.php
af854a3a-2127-422b-91ae-364da2661108https://cxsecurity.com/issue/WLB-2016050136
Impacted products
Vendor Product Version
microfocus rumba 9.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microfocus:rumba:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2505F7B7-F0A6-40F4-950B-B3FFB4A2BF0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client."
    },
    {
      "lang": "es",
      "value": "Multiple desbordamiento del buffer basado en pila en objetos COM en Micro Focus Rumba 9.4.x en versiones anteriores a 9.4 HF 13960 permite a atacantes remotos ejecutar un c\u00f3digo arbitrario a trav\u00e9s de via (1) el valor de propiedad NetworkName para ObjectXSNAConfig.ObjectXSNAConfig en iconfig.dll, (2) el valor de propiedad CPName property para ObjectXSNAConfig.ObjectXSNAConfig en iconfig.dll, (3) el valor de propiedad PrinterName para ProfileEditor.PrintPasteControl en ProfEdit.dll, (4) el argumento Data para la funci\u00f3n WriteRecords en FTXBIFFLib.AS400FtxBIFF en FtxBIFF.dll, (5) el valor de propiedad Serialized para NMSECCOMPARAMSLib.SSL3 en NMSecComParams.dll, (6) el valor de propiedad UserName para NMSECCOMPARAMSLib.FirewallProxy en NMSecComParams.dll, (7) el valor de propiedad LUName para ProfileEditor.MFSNAControl en ProfEdit.dll, (8) el argumento newVal argument para la funci\u00f3n Load en FTPSFTPLib.SFtpSession en FTPSFtp.dll o (9) un archivo Host largo en el FTP Client."
    }
  ],
  "id": "CVE-2016-1606",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-03T01:59:04.797",
  "references": [
    {
      "source": "security@opentext.com",
      "url": "http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28601.rumba-9-4-stack-buffer-overflow-vulnerabilities.aspx"
    },
    {
      "source": "security@opentext.com",
      "url": "http://www.securityfocus.com/bid/91548"
    },
    {
      "source": "security@opentext.com",
      "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5327.php"
    },
    {
      "source": "security@opentext.com",
      "url": "https://cxsecurity.com/issue/WLB-2016050136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28601.rumba-9-4-stack-buffer-overflow-vulnerabilities.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5327.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cxsecurity.com/issue/WLB-2016050136"
    }
  ],
  "sourceIdentifier": "security@opentext.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.