High severity7.8NVD Advisory· Published Nov 22, 2017· Updated Jun 17, 2026
CVE-2017-16879
CVE-2017-16879
Description
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 5.6-93.12.1+ 2 more
- (no CPE)range: < 5.6-93.12.1
- (no CPE)range: < 5.6-93.12.1
- (no CPE)range: < 5.6-93.12.1
Patches
Vulnerability mechanics
References
6- invisible-island.net/ncurses/NEWS.htmlnvdVendor Advisory
- packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.htmlnvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201804-13nvdThird Party Advisory
- tools.cisco.com/security/center/viewAlert.xnvdPermissions RequiredThird Party Advisory
- lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Envd
- lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Envd
News mentions
0No linked articles in our index yet.