CVE-2017-10685

Опубликовано: 29 июн. 2017

Источник: debian

EPSS Низкий

Описание

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ncurses	fixed	6.0+20170701-1		package
ncurses	fixed	6.0+20161126-1+deb9u1	stretch	package
ncurses	fixed	5.9+20140913-1+deb8u1	jessie	package
ncurses	no-dsa		wheezy	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=1464692

EPSS

Процентиль: 78%

0.01126

Низкий

Связанные уязвимости

CVE-2017-10685

CVSS3: 9.8

ubuntu

больше 8 лет назад

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

CVE-2017-10685

redhat

больше 8 лет назад

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

CVE-2017-10685

CVSS3: 9.8

nvd

больше 8 лет назад

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

GHSA-67w6-7r3q-87w7

CVSS3: 9.8

github

больше 3 лет назад

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

openSUSE-SU-2017:1882-1

suse-cvrf

больше 8 лет назад

Recommended update for ncurses

EPSS

Процентиль: 78%

0.01126

Низкий