140 matches found
Remote code execution
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
UBUNTU-CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
CVE-2021-33477
The CVE-2021-33477 entry affects rxvt-unicode (9.22), rxvt (2.7.10), mrxvt (0.5.4) and Eterm (0.9.7). Root cause: improper handling of certain escape sequences (ESC G Q) that can terminate a response with a newline, enabling potentially remote code execution. Public advisories confirm this across...
CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
rxvt-unicode 安全漏洞
rxvt-unicode is an application. A customizable terminal branching from rxvt. A security vulnerability exists in rxvt-unicode 9.22 that allows code execution because certain escape sequences ESC G Q are mishandled. The response is terminated by a line feed. No detailed vulnerability details are...
rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution Exploit
rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution. !/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/...
rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution
!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/A ------------------------------------------------------------------------------ URXVT VULNERABILITY In rxvt-based terminals, ANSI...
PT-2021-4284 · Eterm +4 · Eterm +4
Name of the Vulnerable Software and Affected Versions: rxvt-unicode version 9.22 rxvt version 2.7.10 mrxvt version 0.5.4 Eterm version 0.9.7 Description: The issue is related to improper handling of certain escape sequences, specifically ESC G Q, which can lead to code execution. This could...
Updated rxvt-unicode packages fix security vulnerability
The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...
MGASA-2017-0193 Updated rxvt-unicode packages fix security vulnerability
The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...
openSUSE Security Update : rxvt-unicode (openSUSE-2017-670)
This update for rxvt-unicode fixes the following issue : While urxvt is not directly affected by CVE-2017-7483 we have added a patch to harden urxvt to avoid similar bugs in the future. boo1036456 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Gentoo Security Advisory GLSA 201406-18
Gentoo Linux Local Security Checks GLSA 201406-18 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rxvt-unicode package in the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The numerous vulnerabilities of the rxvt-unicode package on the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rxvt-unicode package up to version 9.20 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
SuSE 11.3 Security Update : rxvt-unicode (SAT Patch Number 9421)
rxvt-unicode was updated to ensure that window property values can not be queried in secure mode. CVE-2014-3121 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright ...
GLSA-201406-18 : rxvt-unicode: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201406-18 rxvt-unicode: User-assisted execution of arbitrary code rxvt-unicode does not properly handle OSC escape sequences, including those used to read and write X window properties. Impact : A remote attacker could entice a us...
rxvt-unicode: User-assisted execution of arbitrary code
Background rxvt-unicode urxvt is a clone of the rxvt terminal emulator. Description rxvt-unicode does not properly handle OSC escape sequences, including those used to read and write X window properties. Impact A remote attacker could entice a user to run a specially crafted file using...
openSUSE Security Update : rxvt-unicode (openSUSE-SU-2014:0814-1)
rxvt-unicode was patched to ensure that window property values can not be queried in secure mode CVE-2014-3121. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-430. The text...