CVE-2017-10684

Опубликовано: 24 июн. 2017

Источник: redhat

CVSS3: 5.3

Описание

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

Отчет

Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ncurses	Not affected
Red Hat Enterprise Linux 6	ncurses	Not affected
Red Hat Enterprise Linux 7	ncurses	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=1473302ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-10684

CVSS3: 9.8

ubuntu

больше 8 лет назад

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

CVE-2017-10684

CVSS3: 9.8

nvd

больше 8 лет назад

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

CVE-2017-10684

CVSS3: 9.8

debian

больше 8 лет назад

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entr ...

GHSA-xm97-9w7x-8vx8

CVSS3: 9.8

github

больше 3 лет назад

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

openSUSE-SU-2017:1882-1

suse-cvrf

больше 8 лет назад

Recommended update for ncurses

5.3 Medium

CVSS3