EUVD-2005-1344

Malware in sbrugna...

TPTI-09-04: Apple Terminal xterm Resize Escape Sequence Memory Corruption Vulnerability

TPTI-09-04: Apple Terminal xterm Resize Escape Sequence Memory Corruption Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-04 June 2, 2009 -- CVE ID: CVE-2009-1717 -- Affected Vendors: Apple -- Affected Products: Apple OS X -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

Apple Terminal fails to properly sanitize input for "x-man-page" URI

Overview Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing an attacker to execute arbitrary commands. Description Mac OS X 10.3 includes a URI handler called x-man-page. It causes Apple Terminal to display a man page by using a URI of this form: x-man-page://command...

CVE-2005-1342

CVE-2005-1342 affects Apple Terminal on Mac OS X 10.3.9 where the x-man-page URI handler fails to sanitize terminal escape sequences, enabling remote command execution. The underlying issue is lack of input sanitization for x-man-page URIs, which could lead to arbitrary commands executed in the T...

CVE-2005-1341

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences...

CVE-2005-1342

The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands...

CVE-2005-1341

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences...

CVE-2005-1342

The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands...

CVE-2002-1898

Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window...