cvedb.io
CVE-2016-5228
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2016-07-03T01:59:09.923 · Last modified 2026-06-17T00:49:00.660

Summary

Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability.

Affected products

microfocus — rumba

Does this affect you?

Add your gear to cvedb and we'll alert you only when microfocus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.