CVE-2017-10685

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

Published : 2017-06-29 23:29 Updated : 2019-10-03 00:03

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Gnu Ncurses 6.0 cpe:/a:gnu:ncurses:6.0
  1. Gnu (1) Search CVE
    1. Ncurses (1) Search CVE
      1. 6.0

CWE

ID Name Description Links
CWE-134 Use of Externally-Controlled Format String The software uses a function that accepts a format string as an argument, but the format string originates from an external source. CVE

History of changes

Date Event
2019-10-03 00:03
2018-10-21 10:29
2017-07-03 14:30
2017-06-29 23:29

New CVE