CVE-2016-20042 in trn Threaded USENET News Reader
Sumário (Inglês)
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
Responsável
VulnCheck
Reservar
28/03/2026
Divulgação
28/03/2026
Inscrições
| Publicado em | Base | Temp | Vulnerabilidade | CWE | Prod | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 28/03/2026 | 6.8 | 6.6 | trn Threaded USENET News Reader Excesso de tampão | 787 | Desconhecido | Prova de conceito | Não definido | 0.00013 | 2.08 | CVE-2016-20042 |