Published: 29/08/2017 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

It exists that ncurses was incorrectly performing memory management operations and was not blocking access attempts to illegal memory locations. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-11112, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734)

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu ncurses 6.0

Several security issues were fixed in ncurses ...

Debian Bug report logs - #873746 ncurses: CVE-2017-13733 Package: src:ncurses; Maintainer for src:ncurses is Craig Small <csmall@debianorg>; Reported by: Raphael Hertzog <hertzog@debianorg> Date: Wed, 30 Aug 2017 13:51:01 UTC Severity: important Tags: security, upstream Found in versions ncurses/60+20170715-2, nc ...

Debian Bug report logs - #873723 ncurses: multiple vulnerabilities on tic, captoinfo, infotocap (CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13734) Package: src:ncurses; Maintainer for src:ncurses is Craig Small <csmall@debianorg>; Reported by: Raphael Hertzog <hertzog@debianorg&gt ...

There is an illegal address access in the _nc_save_str function in alloc_entryc in ncurses 60 It will lead to a remote denial of service attack ...

CWE-119 https://bugzilla.redhat.com/show_bug.cgi?id=1484276 https://security.gentoo.org/glsa/201804-13 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5448-1

CVE-2017-13729

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect