Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-22f5-j3qf-kkbh
Vulnerability ID VCID-22f5-j3qf-kkbh
Aliases CVE-2003-0972
Summary Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2003-0972
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2003-0972
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2003-0972
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2003-0972
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0972.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0972
1617111 https://bugzilla.redhat.com/show_bug.cgi?id=1617111
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.79302
EPSS Score 0.01208
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:10:48.690438+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0