CVE-2021-39537 - OpenCVE

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apple	Mac Os X Macos
Gnu	Ncurses

Configuration 1 [-]

cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.12.6:::::::*
	cpe:2.3:o:apple:macos:11.7:::::::*
	cpe:2.3:o:apple:macos:13.0:::::::*

References

Link	Resource
http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup	Patch Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/28	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/41	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/43	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/45	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html	Exploit Mailing List Vendor Advisory
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html	Mailing List Vendor Advisory
https://security.netapp.com/advisory/ntap-20230427-0012/
https://support.apple.com/kb/HT213443	Third Party Advisory
https://support.apple.com/kb/HT213444	Third Party Advisory
https://support.apple.com/kb/HT213488	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-20T00:00:00

Updated: 2023-12-03T20:06:14.375502

Reserved: 2021-08-23T00:00:00

Link: CVE-2021-39537

JSON object: View

NVD Information

Status : Modified

Published: 2021-09-20T16:15:12.477

Modified: 2023-12-03T20:15:06.860

Link: CVE-2021-39537

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-39537", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2023-12-03T20:06:14.375502", "dateReserved": "2021-08-23T00:00:00", "datePublished": "2021-09-20T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-03T20:06:14.375502"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html"}, {"url": "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html"}, {"url": "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup"}, {"url": "https://support.apple.com/kb/HT213443"}, {"url": "https://support.apple.com/kb/HT213444"}, {"url": "https://support.apple.com/kb/HT213488"}, {"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/41"}, {"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/28"}, {"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/43"}, {"name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/45"}, {"url": "https://security.netapp.com/advisory/ntap-20230427-0012/"}, {"name": "[debian-lts-announce] 20231203 [SECURITY] [DLA 3682-1] ncurses security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*", "matchCriteriaId": "A503C728-34E7-46FB-B7FE-0098E21DEB95", "versionEndIncluding": "6.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "E84CE847-550E-445B-8972-2FB5BCF6B04F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:11.7:*:*:*:*:*:*:*", "matchCriteriaId": "F88F919B-09C2-433C-B416-24E3A8664045", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "669C9F3E-1DE9-4770-B611-04404D3A19D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow."}, {"lang": "es", "value": "Se ha detectado un problema en ncurses versiones hasta v6.2-1. La funci\u00f3n _nc_captoinfo en el archivo captoinfo.c presenta un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria"}], "id": "CVE-2021-39537", "lastModified": "2023-12-03T20:15:06.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-20T16:15:12.477", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/28"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/41"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/43"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/45"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Vendor Advisory"], "url": "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20230427-0012/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213443"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213444"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213488"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}