CVE-2016-20041 in Yasr Screen Reader
Résumé (Anglaise)
Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to overwrite the stack and trigger code execution.
Responsable
VulnCheck
Réserver
28/03/2026
Divulgation
28/03/2026
Entrées
| Publié | Base | Temp | Vulnérabilité | CWE | Prod | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 28/03/2026 | 6.8 | 6.6 | Yasr Screen Reader directory traversal | 22 | Inconnu | Preuve de concept | Non défini | 0.00017 | 1.56 | CVE-2016-20041 |