CVE-2016-20049

Exploit

EPSS 0.67%
Veröffentlicht 28.03.2026 11:58:09
Zuletzt bearbeitet 22.04.2026 13:58:46
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow Remote Code Execution

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack, overwrite return addresses, and execute shellcode in the application context.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Varaneckas ≫ Jad Java Decompiler Version1.5.8e-1kali1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.67%	0.47

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.exploit-db.com/exploits/42076

Exploit

VDB Entry

http://www.varaneckas.com/jad/

Product

https://www.vulncheck.com/advisories/jad-8e-1kali1-stack-based-buffer-overflow-remote-code-execution

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-20049

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-20049

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-20049

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-20049