Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability.

Published : 2016-07-03 01:59 Updated : 2017-09-03 01:29

CVSS Score More info
Score 10.0 / 10
Vendor Product Version URI
Microfocus Rumba 9.4 cpe:/a:microfocus:rumba:9.4
  1. Microfocus (1) Search CVE
    1. Rumba (1) Search CVE
      1. 9.4


ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2017-09-03 05:59
2016-07-03 01:59