Do your applications use this vulnerable package?
Test your applications
Overview
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References
CVSS Score
6.5
low severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionRequired
-
ScopeUnchanged
-
ConfidentialityNone
-
IntegrityNone
-
AvailabilityHigh
- CVE
- CVE-2017-13731
- CWE
- CWE-119
- Snyk ID
- SNYK-UBUNTU1604-NCURSES-367815
- Disclosed
- 29 Aug, 2017
- Published
- 29 Aug, 2017