{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T02:25:44.393","vulnerabilities":[{"cve":{"id":"CVE-2016-8386","sourceIdentifier":"talos-cna@cisco.com","published":"2017-02-27T21:59:00.193","lastModified":"2026-06-17T00:54:15.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search through a linked list of buffers to return. Due to a signedness issue, a buffer smaller than the requested size will be returned. Later when the tool tries to populate this buffer, the overflow will occur which can lead to code execution under the context of the user running the tool."},{"lang":"es","value":"Existe un desbordamiento de búfer basado en memoria dinámica en Iceni Argus. Cuando intenta convertir un PDF que contiene una fuente mal formada a XML, la herramienta intentará utilizar un tamaño fuera de la fuente para buscar a través de una lista vinculada de búferes para devolver. Debido a un problema de firmas, se devolverá un búfer más pequeño que el tamaño solicitado. Después cuando la herramienta intenta llenar este búfer, se producirá el desbordamiento que puede conducir a a ejecución de código bajo el contexto del usuario que ejecuta la herramienta."}],"affected":[{"source":"talos-cna@cisco.com","affectedData":[{"vendor":"Iceni","product":"Argus","versions":[{"version":"6.6.04 (Sep 7 2012) NK","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iceni:argus:6.6.04:*:*:*:*:*:*:*","matchCriteriaId":"15F3CAC5-64D7-4FFF-B180-E4F271E488DA"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/96472","source":"talos-cna@cisco.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.talosintelligence.com/reports/TALOS-2016-0211/","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/96472","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.talosintelligence.com/reports/TALOS-2016-0211/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}}]}