SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

[3.6] ncurses: buffer overflow in the fmt_entry function(CVE-2017-10684, CVE-2017-10685)

ID: oval:org.secpod.oval:def:1800854	Date: (C)2018-03-28 (M)2023-11-10
Class: PATCH	Family: unix

CVE-2017-10684, CVE-2017-10685: In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

Platform:

Alpine Linux 3.6

Product:

ncurses

Reference:

7564

CVE-2017-10684

CVE-2017-10685


30479



423868



248392



909



195452



282