UNKNOWN
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 Stack Buffer Overflow
Platform
linux
Component
nrss-rss-reader
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and achieve code execution.
How to fix
Update to a fixed version of the NRSS RSS reader. If no fixed version is available, consider using an alternative RSS reader. Avoid opening untrusted RSS feeds.
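For anyone patching or auditing similar command-line handling, the following added example (not NRSS source code) shows a bounded copy of an option value that rejects oversized input instead of writing past a stack buffer. The 256-byte buffer size is an assumption taken from the padding length in the description, and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: the description mentions 256 bytes of padding before EIP. */
#define OPT_BUF_SIZE 256

/* Hypothetical helper: copy src into dst only if it fits with its NUL.
 * Oversized input is rejected, never truncated or copied unbounded. */
static int copy_opt_value(char *dst, size_t dstsz, const char *src)
{
    const char *nul;
    if (dst == NULL || dstsz == 0 || src == NULL)
        return -1;
    nul = memchr(src, '\0', dstsz);   /* look for the NUL within dstsz bytes */
    if (nul == NULL) {                /* value needs more than dstsz bytes */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}

/* Hypothetical option scan for "-F <value>".
 * Returns 0 if stored, 1 if -F is absent, -1 if missing or oversized. */
static int parse_f_option(int argc, char **argv, char *out, size_t outsz)
{
    int i;
    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-F") == 0) {
            if (i + 1 >= argc)
                return -1;
            return copy_opt_value(out, outsz, argv[i + 1]);
        }
    }
    return 1;
}

int main(int argc, char **argv)
{
    char value[OPT_BUF_SIZE];
    int rc = parse_f_option(argc, argv, value, sizeof value);
    if (rc < 0) {
        fprintf(stderr, "invalid -F argument (limit %d bytes)\n", OPT_BUF_SIZE - 1);
        return 2;
    }
    if (rc == 0)
        printf("-F value accepted: %s\n", value);
    return 0;
}
```

Building with `-fstack-protector-strong` and `-D_FORTIFY_SOURCE=2` adds a second layer should an unchecked copy remain elsewhere in the code.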