CVE-2016-8335
Last modified
CVE-2016-8335 is a vulnerability of currently unknown severity. An exploitable stack based buffer overflow vulnerability exists in the ipNameAdd functionality of Iceni Argus Version 6.6.04 (Sep 7 2012) NK - Linux x64 and Version 6.6.04 (Nov 14 2014) NK - Windows x64. A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code execution. EPSS estimates a 2.06% chance of exploitation in the next 30 days.
Description
An exploitable stack based buffer overflow vulnerability exists in the ipNameAdd functionality of Iceni Argus Version 6.6.04 (Sep 7 2012) NK - Linux x64 and Version 6.6.04 (Nov 14 2014) NK - Windows x64. A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code execution. An attacker can send/provide malicious pdf file to trigger this vulnerability.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Iceni | Argus | 6.6.04 |
References
- http://www.talosintelligence.com/reports/2016-TALOS-0202/Exploit, Third Party Advisory
- http://www.talosintelligence.com/reports/2016-TALOS-0202/Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-8335?
How severe is CVE-2016-8335?
How do I fix CVE-2016-8335?
Are you affected by CVE-2016-8335?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST