Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2002-0062

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

Published

2002-03-08T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	debian	debian_linux	2.2	Yes
Operating System	debian	debian_linux	2.2	Yes
Operating System	debian	debian_linux	2.2	Yes
Operating System	debian	debian_linux	2.2	Yes
Operating System	debian	debian_linux	2.2	Yes
Operating System	debian	debian_linux	2.2	Yes
Operating System	freebsd	freebsd	3.1	Yes
Operating System	freebsd	freebsd	3.2	Yes
Operating System	freebsd	freebsd	3.3	Yes
Operating System	freebsd	freebsd	3.4	Yes
Operating System	freebsd	freebsd	3.5	Yes
Operating System	freebsd	freebsd	3.5.1	Yes
Operating System	freebsd	freebsd	4.0	Yes
Operating System	freebsd	freebsd	4.1	Yes
Operating System	freebsd	freebsd	4.1.1	Yes
Operating System	freebsd	freebsd	5.0	Yes
Operating System	redhat	linux	6.1	Yes
Operating System	redhat	linux	6.1	Yes
Operating System	redhat	linux	6.1	Yes
Operating System	redhat	linux	7.0	Yes
Operating System	redhat	linux	7.0	Yes
Operating System	redhat	linux	7.1	Yes
Operating System	redhat	linux	7.1	Yes
Operating System	redhat	linux	7.2	Yes
Operating System	suse	suse_linux	6.2	Yes
Operating System	suse	suse_linux	6.3	Yes
Operating System	suse	suse_linux	7.0	Yes
Application	gnu	ncurses	< 5.0	Yes

References

http://www.debian.org/security/2002/dsa-113 Patch, Vendor Advisory ([email protected])
http://www.iss.net/security_center/static/8222.php Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2002-020.html Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/2116 Patch, Third Party Advisory, VDB Entry, Vendor Advisory ([email protected])
http://www.debian.org/security/2002/dsa-113 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.iss.net/security_center/static/8222.php Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2002-020.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/2116 Patch, Third Party Advisory, VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)