9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.4%
Possible RCE via stack-based buffer overflow in the fmt_entry function (CVE-2017-10684). Possible RCE with format string vulnerability in the fmt_entry function (CVE-2017-10685). Illegal address access in append_acs (CVE-2017-11112). Dereferencing NULL pointer in _nc_parse_entry (CVE-2017-11113). Fix infinite loop in the next_char function in comp_scan.c (CVE-2017-13728). Fix illegal address access in the _nc_save_str (CVE-2017-13729). Fix illegal address access in the function _nc_read_entry_source() (CVE-2017-13730). Fix illegal address access in the function postprocess_termcap() (CVE-2017-13731). Fix illegal address access in the function dump_uses() (CVE-2017-13732). Fix illegal address access in the fmt_entry function (CVE-2017-13733). Fix stack-based buffer overflow in the _nc_write_entry() function (CVE-2017-16879).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 6 | noarch | ncurses | < 6.0-8.1 | ncurses-6.0-8.1.mga6 |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.4%