CVE-2020-5212
5
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Summary
In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NetHack | NetHack | < 3.6.5 | affected |
Weaknesses
- CWE-120: CWE-120 Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.