Download
| Alert*
oval:org.secpod.oval:def:89044904
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c . - CVE-2017-13729: Fix illegal address access in the _nc_save_str . - CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_sou ... oval:org.secpod.oval:def:1800726 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Fixed In Version: 6.0-20171125 oval:org.secpod.oval:def:2104603 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. oval:org.secpod.oval:def:1901775 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses-bin 6.0 allows attackers to cause a denial of service or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. oval:org.secpod.oval:def:1800569 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Fixed In Version: 6.0-20171125 oval:org.secpod.oval:def:1800538 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Fixed In Version:¶ 6.0-20171125 oval:org.secpod.oval:def:1800528 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Fixed In Version 6.0-20171125 |