CVE-2016-20043 in NRSS RSS Reader
Summary
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and achieve code execution.
Responsible
VulnCheck
Reservation
03/28/2026
Disclosure
03/28/2026
Entries
| Published | Base | Temp | Vulnerability | CWE | Prod | Exp | Cou | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 03/28/2026 | 6.8 | 6.6 | NRSS RSS Reader out-of-bounds write | 787 | Unknown | Proof-of-Concept | Not defined | 0.00013 | 2.73 | CVE-2016-20043 |