Lucene search

K

MitreCVELIST:CVE-2008-1142

HistoryApr 07, 2008 - 5:00 p.m.

CVE-2008-1142

2008-04-0717:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

References

article.gmane.org/gmane.comp.security.oss.general/122

bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296

lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

secunia.com/advisories/29576

secunia.com/advisories/30224

secunia.com/advisories/30225

secunia.com/advisories/30226

secunia.com/advisories/30227

secunia.com/advisories/30229

secunia.com/advisories/31687

security.gentoo.org/glsa/glsa-200805-03.xml

www.mandriva.com/security/advisories?name=MDVSA-2008:161

www.mandriva.com/security/advisories?name=MDVSA-2008:221

www.securityfocus.com/bid/28512

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

Related for CVELIST:CVE-2008-1142

debiancve1 nessus5 openvas4 prion1 ubuntucve1 nvd1 cve1 gentoo1 securityvulns2 seebug1