CVE-2020-9366: A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.

Affected

6 ranges

Vendor	Product	Version range	Fixed in
debian	screen	< screen 4.8.0-1 (bookworm)	screen 4.8.0-1 (bookworm)
gnu	screen	< 4.8.0	4.8.0
gnu	screen	>= 0 < 4.8.0-1	4.8.0-1
gnu	screen	>= 0 < 4.8.0-1	4.8.0-1
gnu	screen	>= 0 < 4.8.0-1	4.8.0-1
gnu	screen	>= 0 < 4.8.0-1	4.8.0-1

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

osv9.8CRITICAL