Lucene search
RustsecRUSTSEC-2019-0006HistoryJun 15, 2019 - 12:00 p.m.
Buffer overflow and format vulnerabilities in functions exposed without unsafe
2019-06-1512:00:00
rustsec.org
10
EPSS
0.003
Percentile
65.1%
ncurses exposes functions from the ncurses library which:
- Pass buffers without length to C functions that may write an arbitrary amount of
data, leading to a buffer overflow. (instr,mvwinstr, etc) - Passes rust &str to strings expecting C format arguments, allowing hostile
input to execute a format string attack, which trivially allows writing
arbitrary data to stack memory (functions in theprintwfamily).
Related
osv
osv
Buffer overflow and format vulnerabilities in ncurses
2021-08-25 20:58:29
Mishandling of format strings in ncurses
2021-08-25 20:58:47
rosalinux
rosalinux
Advisory ROSA-SA-2021-1927
2021-07-02 17:32:26
cvelist
cvelist
CVE-2019-15547
2019-08-26 17:05:33
CVE-2019-15548
2019-08-26 17:02:16
debiancve
debiancve
CVE-2019-15548
2019-08-26 18:15:00
CVE-2019-15547
2019-08-26 18:15:00
cve
cve
CVE-2019-15547
2019-08-26 18:15:12
CVE-2019-15548
2019-08-26 18:15:12
nvd
nvd
CVE-2019-15547
2019-08-26 18:15:12
CVE-2019-15548
2019-08-26 18:15:12
prion
prion
Format string
2019-08-26 18:15:00
Buffer overflow
2019-08-26 18:15:00
ubuntucve
ubuntucve
CVE-2019-15547
2019-08-26 00:00:00
CVE-2019-15548
2019-08-26 00:00:00
github
github
Mishandling of format strings in ncurses
2021-08-25 20:58:47
Buffer overflow and format vulnerabilities in ncurses
2021-08-25 20:58:29