Description
An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
References (1)
Core 1
Core References
Scores
CVSS v3
9.8
EPSS
0.0040
EPSS Percentile
60.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (2)
Micro Focus/Micro Focus VisiBroker
VisiBroker 8.5 prior to SP4 HF3
microfocus/visibroker
8.5
Published
Sep 21, 2017
Tracked Since
Feb 18, 2026