Buffer Overflow Vulnerability in Micro Focus Rumba FTP Client
CVE-2016-5764

8.8HIGH

Key Information:

Vendor: Microfocus
Status: Micro Focus Rumba Ftp 4.x Before 4.5 (hf 14668)
Vendor: CVE Published:; 27 October 2016

What is CVE-2016-5764?

The Micro Focus Rumba FTP client versions 4.X are susceptible to a buffer overflow vulnerability, which can lead to stack corruption. This issue arises when a user connects to a malicious server, potentially allowing an attacker to execute arbitrary code on the client machine. Users are advised to upgrade to Rumba FTP 4.5 (HF 14668) to mitigate this risk.

Affected Version(s)

Micro Focus Rumba FTP 4.X before 4.5 (HF 14668) Micro Focus Rumba FTP 4.X before 4.5 (HF 14668)

References

http://community.microfocus.com/microfocus/mainframe_solu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/93974

vdb-entryx_refsource_BID

https://www.exploit-db.com/exploits/40651/

exploitx_refsource_EXPLOIT-DB

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2016
Vulnerability Reserved
Jun 23, 2016

Microfocus

What is CVE-2016-5764?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline