Page 4 of 29 results (0.028 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Desbordamiento de búfer basado en pila en la función _nc_write_entry en tinfo/write_entry.c en ncurses en la versión 6.0 permite que los atacantes provoquen una denegación de servicio (cierre inesperado de la aplicación) o posiblemente ejecuten código arbitrario mediante un archivo terminfo manipulado, tal y como demuestra tic. tic in the GNU ncurses library version 6.0 suffers from a buffer overflow condition that can cause a denial of service. • http://invisible-island.net/ncurses/NEWS.html#t20171125 http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201804-13 https://tools.cisco.com/security/center/viewAlert.x?alertId=57695 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack. Existe un acceso ilegal a direcciones en la función _nc_safe_strcat en strings.c en ncurses 6.0 que podría acabar en un ataque de denegación de servicio remoto. • https://bugzilla.redhat.com/show_bug.cgi?id=1484291 https://security.gentoo.org/glsa/201804-13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. Existe un acceso ilegal a direcciones en la función dump_uses() en dump_entry.c en ncurses 6.0 que podría acabar en un ataque de denegación de servicio remoto. • https://bugzilla.redhat.com/show_bug.cgi?id=1484287 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201804-13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. Existe un acceso ilegal a direcciones en la función fmt_entry en dump_entry.c en ncurses 6.0 que podría acabar en un ataque de denegación de servicio remoto. • https://bugzilla.redhat.com/show_bug.cgi?id=1484290 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201804-13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack. Existe un bucle infinito en la función next_char en comp_scan.c de ncurses 6.0 en relación con libtic. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. • https://bugzilla.redhat.com/show_bug.cgi?id=1484274 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201804-13 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •