Lucene search
K

130 matches found

Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.31 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xterm vulnerabilities (USN-703-1)

Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary...

9.3CVSS7.6AI score0.0747EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/01/07 12:0 a.m.36 views

Ubuntu USN-703-1 (xterm)

The remote host is missing an update to xterm announced via advisory USN-703-1. OpenVAS Vulnerability Test $Id: ubuntu7031.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7031.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-703-1 xterm Authors: Thomas Reinke...

9.3CVSS0.5AI score0.0747EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2009/01/06 1:24 a.m.74 views

USN-703-1: xterm vulnerabilities

Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary...

9.3CVSS7.3AI score0.0747EPSS
Exploits0
securityvulns
securityvulns
added 2006/10/04 12:0 a.m.27 views

Security flaw in IBM Client Security Password Manager

Hello all, I recently found a security flaw in the design of the IBM Client Security Password Manager an application used to authenticate application forms using fingerprints. It came to my attention that the application only recognized my e-bank site and authed against it if i had just created a...

0.2AI score
Exploits0
CVE
CVE
added 2005/03/10 5:0 a.m.48 views

CVE-2003-1090

CVE-2003-1090 describes a buffer overflow in AbsoluteTelnet prior to 2.12 RC10, allowing remote attackers to execute arbitrary code via a long window title. Affected product: AbsoluteTelnet; vulnerable component: window title handling; root cause: memory corruption due to overflow. Impact: remote...

10CVSS8.3AI score0.11635EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2004/09/01 8:0 a.m.20 views

CVE-2003-0063

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...

7.6AI score0.03403EPSS
Exploits0References10
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2003-0065

The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitra...

7.2AI score0.01781EPSS
Exploits0References4
CVE
CVE
added 2004/09/01 4:0 a.m.64 views

CVE-2003-0064

The CVE concerns dtterm and related terminals’ Window Title Reporting feature. An attacker can craft an escape sequence that places the current window title on the command line, and the user must press Enter for the command to execute, enabling arbitrary command execution on the vulnerable host. ...

7.5CVSS7.2AI score0.02712EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.27 views

CVE-2003-0070

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin...

6.9AI score0.02078EPSS
Exploits0References5
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.31 views

CVE-2003-0066

The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to...

7AI score0.02048EPSS
Exploits0References8
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.26 views

CVE-2003-0069

The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute...

6.5AI score0.02198EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.29 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitra...

7.2AI score0.02712EPSS
Exploits0References5
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.14 views

CVE-2003-0067

The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute...

7.2AI score0.01769EPSS
Exploits0References3
CVE
CVE
added 2004/09/01 4:0 a.m.75 views

CVE-2003-0070

CVE-2003-0070 affects VTE as used by gnome-terminal; the vte_sequence_handler_window_manipulation routine fails to sanitize certain escape sequences, allowing an attacker to modify the window title and inject it back into the command line, potentially enabling arbitrary command execution. This is...

6.8CVSS6.9AI score0.02078EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2004/09/01 4:0 a.m.54 views

CVE-2003-0065

CVE-2003-0065 concerns the uxterm terminal emulator window-title reporting vulnerability. A malicious escape sequence can modify the terminal window title and, when echoed back to the command line, enable attacker-controlled input to be executed by the user’s shell. The related literature documen...

7.5CVSS7.2AI score0.01781EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.60 views

CVE-2003-0066

The CVE-2003-0066 issue affects rxvt 2.7.8 and earlier. A vulnerable escape sequence allows an attacker to modify the window title and have that title re-enter the shell as a command, enabling arbitrary command execution when a user views a file containing the malicious sequence. The root cause i...

7.5CVSS7AI score0.02048EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.39 views

CVE-2003-0066

Removed by vendor...

7.5CVSS6.7AI score0.02048EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.38 views

CVE-2003-0068

The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker t...

7.5CVSS6.9AI score0.01944EPSS
Exploits0
NVD
NVD
added 2003/03/18 5:0 a.m.22 views

CVE-2003-0077

The hanterm hanterm-xf terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...

7.5CVSS7.2AI score0.01938EPSS
Exploits0References6
NVD
NVD
added 2003/03/18 5:0 a.m.14 views

CVE-2003-0067

The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute...

7.5CVSS7.2AI score0.01769EPSS
Exploits0References3
Rows per page
Query Builder