CVE-2016-20042 in trn Threaded USENET News Reader
Summary
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
Responsible
VulnCheck
Reservation
03/28/2026
Disclosure
03/28/2026
Entries
| Published | Base | Temp | Vulnerability | CWE | Prod | Exp | Cou | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 03/28/2026 | 6.8 | 6.6 | trn Threaded USENET News Reader out-of-bounds write | 787 | Unknown | Proof-of-Concept | Not defined | 0.00013 | 2.24 | CVE-2016-20042 |