17 matches found
EUVD-2007-3754
Malware in sbrugna...
SUSE CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
Gentoo Security Advisory GLSA 200708-07 (terminal)
The remote host is missing updates announced in advisory GLSA 200708-07. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200708-07 (terminal)
The remote host is missing updates announced in advisory GLSA 200708-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
USN-497-1: xfce4-terminal vulnerability
Lasse Kärkkäinen discovered that the Xfce Terminal did not correctly escape shell meta-characters during "Open Link" actions. If a remote attacker tricked a user into opening a specially crafted URI, they could execute arbitrary commands with the user's privileges...
Xfce-Terminal远程命令注入漏洞
BUGTRAQ ID: 24889 CVECAN ID: CVE-2007-3770 Xfce Terminal是Xfce桌面环境的控制台工具。 Xfce Terminal在使用URL串构造命令调用时存在漏洞,远程攻击者可能利用此漏洞诱使用户执行恶意Shell命令。 Xfce-Terminal 0.2.6 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.xfce.org/ http://foo.bar/$xterm/ http://google.com/search?q=$ls&sourceid=b0rk...
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution
Gentoo Linux Security Advisory GLSA 200708-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
GLSA-200708-07 : Xfce Terminal: Remote arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-200708-07 Xfce Terminal: Remote arbitrary code execution Lasse Karkkainen discovered that the function terminalhelperexecute in file terminal-helper.c does not properly escape the URIs before processing. Impact : A remote attacker...
Xfce Terminal: Remote arbitrary code execution
Background Xfce Terminal is a console tool for the Xfce desktop environment. Description Lasse Karkkainen discovered that the function terminalhelperexecute in file terminal-helper.c does not properly escape the URIs before processing. Impact A remote attacker could entice a user to open a...
CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
DEBIAN-CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
Open redirect
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...
CVE-2007-3770
The CVE-2007-3770 entry corresponds to a vulnerability in Xfce Terminal 0.2.6 where the terminal_helper_execute function in terminal/terminal.c allows command execution via shell metacharacters in a crafted link opened through the terminal’s Open Link feature. Impact is arbitrary command executio...
CVE-2007-3770
The terminalhelperexecute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality...