{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T14:22:34.454","vulnerabilities":[{"cve":{"id":"CVE-2016-4289","sourceIdentifier":"cret@cert.org","published":"2019-10-29T19:15:14.097","lastModified":"2024-11-21T02:51:48.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER 2.1.19357 application. A specially created long path can lead to a buffer overflow on the stack resulting in code execution. An attacker needs to create path longer than 99 characters to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el método que recibe datos desde el control SysTreeView32 de la aplicación GMER versión 2.1.19357. Una ruta larga especialmente creada puede conllevar a un desbordamiento del búfer en la pila resultando en una ejecución de código. Un atacante necesita crear una ruta de más de 99 caracteres para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gmer:gmer:2.1.19357:*:*:*:*:*:*:*","matchCriteriaId":"9E73B36D-C45F-41C8-B98E-9FC2DA8F1840"}]}]}],"references":[{"url":"http://www.talosintelligence.com/reports/TALOS-2016-0127/","source":"cret@cert.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://www.talosintelligence.com/reports/TALOS-2016-0127/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}