Vulnerability Details CVE-2016-20043
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and achieve code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.3%
CVSS Severity
CVSS v3 Score 8.4