Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
NetHack: Privilege escalation/remote code execution/crash in configuration pars…
Disclosure Date: December 20, 2019 (last updated November 08, 2023)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-19905. Reason: This candidate is a duplicate of CVE-2019-19905. Notes: All CVE users should reference CVE-2019-19905 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
0
Attacker Value
Unknown
CVE-2019-19905
Disclosure Date: December 19, 2019 (last updated October 06, 2023)
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
0
