{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2016-20047", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-28T11:40:17.377Z", "datePublished": "2026-03-28T11:58:07.645Z", "dateUpdated": "2026-03-28T11:58:07.645Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-28T11:58:07.645Z"}, "title": "EKG Gadu 1.9 Local Buffer Overflow via Username Parameter", "descriptions": [{"lang": "en", "value": "EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258 bytes to overwrite the instruction pointer and execute shellcode with user privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "ekg", "product": "EKG Gadu", "versions": [{"version": "1:1.9~pre+r2855-3+b1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/40392", "name": "ExploitDB-40392", "tags": ["exploit"]}, {"url": "http://ekg.chmurka.net/", "name": "Official Product Homepage", "tags": ["product"]}, {"name": "VulnCheck Advisory: EKG Gadu 1.9 Local Buffer Overflow via Username Parameter", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/ekg-gadu-local-buffer-overflow-via-username-parameter"}], "credits": [{"lang": "en", "value": "Juan Sacco - http://www.exploitpack.com -", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2016-09-19T00:00:00.000Z"}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258 bytes to overwrite the instruction pointer and execute shellcode with user privileges."}], "id": "CVE-2016-20047", "lastModified": "2026-03-28T12:16:01.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-28T12:16:01.013", "references": [{"source": "[email protected]", "url": "http://ekg.chmurka.net/"}, {"source": "[email protected]", "url": "https://www.exploit-db.com/exploits/40392"}, {"source": "[email protected]", "url": "https://www.vulncheck.com/advisories/ekg-gadu-local-buffer-overflow-via-username-parameter"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "[email protected]", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1:1.9~pre+r2855-3+b1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "EKG Gadu", "source": "cna", "vendor": "ekg"}, "product": "ekg_gadu", "vendor": "ekg"}], "analysis": {"en": {"generated_at": "2026-03-28T13:24:55.688065+00:00", "value": {"mitigation_remediation": ["Upgrade EKG Gadu to a current release that removes the vulnerable strlcpy call.", "If an upgrade is not immediately possible, eliminate or tightly restrict local accounts that can supply arbitrary usernames.", "Verify that the application no longer accepts usernames larger than 258 bytes and test with boundary values."], "summary": {"action": "Apply Patch", "impact": "Local Code Execution"}, "threat_synthesis": {"affected_systems": "The product affected is EKG Gadu version 1.9 (build 1.9~pre+r2855-3+b1) from vendor EKG:EKG Gadu.", "description_and_impact": "The vulnerability is a local buffer overflow in the username handling routine of EKG Gadu 1.9, triggered by passing an overly long username string to the strlcpy function. When the string exceeds 258 bytes, the function overflows the buffer, overwriting the instruction pointer and enabling an attacker with local access to execute injected shellcode under the privileges of the victim user.", "risk_and_exploitability": "With a CVSS score of 8.6, this issue is considered high severity. The exploit requires local user access and does not appear dependent on any network exposure; however, any local user can trigger arbitrary code execution. The EPSS score is unavailable and the vulnerability is not listed in the CISA KEV catalog, indicating a moderate potential for exploitation but no known widespread attacks."}}}}, "created": "2026-03-29T20:32:24.460528+00:00", "updated": "2026-03-30T06:59:18.517444+00:00", "vendors": ["ekg", "ekg$PRODUCT$ekg_gadu"]}