encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
Max CVSS
9.8
EPSS Score
1.45%
Published
2021-02-09
Updated
2022-05-06
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
Max CVSS
6.5
EPSS Score
0.06%
Published
2023-04-08
Updated
2023-04-19
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.
Max CVSS
2.6
EPSS Score
3.97%
Published
2006-10-24
Updated
2011-03-08
3 vulnerabilities found