CVSS: 10.0EPSS: 33%CPEs: 1EXPL: 1CVE-2016-5228 – Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-5228
Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability. Desbordamiento del buffer basado en pila en la función PlayMacro en ObjectXMacro.ObjectXMacro en WdMacCtl.ocx en Micro Focus Rumba 9.x en versiones anteriores a 9.3 HF 11997 y 9.4.x en versiones anteriores a 9.4 HF 12815 permite a atacantes remotos ejecutar un código arbitrario a través de un argumento MacroName largo. NOTA: algunas referencias mencionan CVE-2016-5226 pero ese no es el ID corrector para ninguna vulnerabilidad de Rumba. Micro Focus Rumba versions 9.3 and below suffer from an active-x stack buffer overflow vulnerability. • https://www.exploit-db.com/exploits/40649 http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28600.micro-focus-rumba-9-x-security-update.aspx http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5327.php https://cxsecurity.com/issue/WLB-2016050136 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1599
https://notcve.org/view.php?id=CVE-2016-1599
Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en NetIQ Self Service Password Reset (SSPR) 2.x y 3.x en versiones anteriores a 3.3.1 HF2 permite a atacantes remotos inyectar texto web arbitrario o HTML a través de una URL manipulada. • http://www.securityfocus.com/bid/96837 https://bugzilla.netiq.com/show_bug.cgi?id=967461 https://www.netiq.com/support/kb/doc.php?id=7017399 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1991
https://notcve.org/view.php?id=CVE-2016-1991
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors. HPE ArcSight ESM 5.x en versiones anteriores a 5.6, 6.0, 6.5.x en versiones anteriores a 6.5C SP1 Patch 2 y 6.8c en versiones anteriores a P1 y ArcSight ESM Express en versiones anteriores a 6.9.1, permite a usuarios remotos autenticados llevar a cabo ataques de "descarga de archivo" no especificados a través de vectores desconocidos. • http://www.securitytracker.com/id/1035282 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1990
https://notcve.org/view.php?id=CVE-2016-1990
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors. HPE ArcSight ESM 5.x en versiones anteriores a 5.6, 6.0, 6.5.x en versiones anteriores a 6.5C SP1 Patch 2 y 6.8c en versiones anteriores a P1 y ArcSight ESM Express en versiones anteriores a 6.9.1, permite a usuarios locales obtener privilegios para la ejecución de comandos a través de vectores no especificados. • http://www.securitytracker.com/id/1035282 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2015-6030
https://notcve.org/view.php?id=CVE-2015-6030
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales obtener privilegios mediante el aprovechamiento del acceso a la cuenta ArcSight. • http://www.kb.cert.org/vuls/id/842252 http://www.securitytracker.com/id/1034072 http://www.securitytracker.com/id/1034073 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 • CWE-264: Permissions, Privileges, and Access Controls •