CVE-2017-16879 in GNU and Canonical Products
Published on November 22, 2017
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
Products Associated with CVE-2017-16879
stack.watch emails you whenever new vulnerabilities are published in GNU Ncurses or Canonical Ubuntu Linux. Just hit a watch button to start following.
Exploit Probability
EPSS
0.44%
Percentile
62.84%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.