CVE-2016-20037 in Identicalsoftware xWPE
Сводка (Английский)
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by shellcode to overwrite the instruction pointer and achieve code execution or denial of service.
Ответственный
VulnCheck
Резервировать
28.03.2026
Раскрытие
28.03.2026
Записи
| Опубликовано | База | Темп | Уязвимость | CWE | Прод | Экс | Кон | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 28.03.2026 | 6.8 | 6.6 | Identicalsoftware xWPE Command-Line Argument повреждение памяти | 787 | Неизвестно | Доказательство концепции | Не определено | 0.00012 | 1.85 | CVE-2016-20037 |