Lucene search
MitreCVE-2006-7236HistoryJan 02, 2009 - 6:11 p.m.
CVE-2006-7236
2009-01-0218:11:09
CWE-16
mitre
web.nvd.nist.gov
47
cve
xterm
debian
linux
ubuntu
allowwindowops
arbitrary code
escape sequences
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
High
EPSS
0.003
Percentile
70.4%
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.
Affected configurations
Node
invisible-islandxtermMatch_nil_
debiandebian_linux
ORubuntulinux
| Vendor | Product | Version | CPE |
|---|---|---|---|
| invisible-island | xterm | _nil_ | cpe:2.3:a:invisible-island:xterm:_nil_:*:*:*:*:*:*:* |
| debian | debian_linux | * | cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:* |
| ubuntu | linux | * | cpe:2.3:o:ubuntu:linux:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2006-7236
2009-01-02 18:11:09
ubuntucve
ubuntucve
CVE-2006-7236
2009-01-02 00:00:00
debiancve
debiancve
CVE-2006-7236
2009-01-02 18:11:09
cvelist
cvelist
CVE-2006-7236
2009-01-02 18:00:00
exploitdb
exploitdb
xterm - DECRQSS Remote Command Execution
2008-12-29 00:00:00
redhatcve
redhatcve
CVE-2006-7236
2015-10-30 09:40:49
openvas
openvas
Ubuntu USN-703-1 (xterm)
2009-01-07 00:00:00
Ubuntu: Security Advisory (USN-703-1)
2009-01-07 00:00:00
Ubuntu USN-702-1 (samba)
2009-01-07 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xterm vulnerabilities (USN-703-1)
2009-04-23 00:00:00
ubuntu
ubuntu
xterm vulnerabilities
2009-01-06 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
High
EPSS
0.003
Percentile
70.4%
Related for CVE-2006-7236