Ncurses
CVE-2017-16879
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
AnalysisAI
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. Affected products include: Gnu Ncurses.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
An issue was discovered in ncurses through v6.2-1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory c
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. Rated high s
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. Rated high severit
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a r
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. Rated medium severity (
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remot
In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today