12 matches found
Code injection
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063...
CVE-2015-8971
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063...
CVE-2015-8971
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063...
CVE-2015-8971
The CVE-2015-8971 issue affects Terminology (terminal emulator) version 0.7.0, where incorrect sanitising of character escape sequences allows an attacker to execute arbitrary commands by crafting escape sequences that modify the window title and are written to the terminal. Root cause: failure t...
Fedora 9 : xterm-238-1.fc9 (2009-0059)
This update fixes the following security issue: CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related...
Fedora 8 : xterm-238-1.fc8 (2009-0154)
This update fixes the following security issue: CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related...
Fedora Core 8 FEDORA-2009-0154 (xterm)
The remote host is missing an update to xterm announced via advisory FEDORA-2009-0154. OpenVAS Vulnerability Test $Id: fcore20090154.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0154 xterm Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 9 FEDORA-2009-0059 (xterm)
The remote host is missing an update to xterm announced via advisory FEDORA-2009-0059. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 10 FEDORA-2009-0091 (xterm)
The remote host is missing an update to xterm announced via advisory FEDORA-2009-0091. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Crlf injection
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071...
CVE-2003-0063
The vulnerability refers to the xterm terminal emulator in XFree86 4.2.0 and earlier. The issue allows an attacker to change the window title via a specific escape sequence and then insert it back into the user’s shell, potentially leading to execution of arbitrary commands. Connected documents c...
CVE-2003-0063
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...