The window manager Window Maker was found vulnerable to a buffer overflow due to improper bounds checking when setting the window title. An attacker can remotely exploit this buffer overflow by using malicious web page titles or terminal escape sequences to set a excessively long window title. This attack can lead to remote command execution with the privileges of the user running Window Maker.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 7.0 | i386 | wmaker | < 0.62.1-42 | wmaker-0.62.1-42.i386.rpm |
openSUSE | 7.2 | i386 | windowmaker | < 0.64.0-82 | WindowMaker-0.64.0-82.i386.rpm |
openSUSE | 6.4 | alpha | wmaker | < 0.61.1-57 | wmaker-0.61.1-57.alpha.rpm |
openSUSE | 6.3 | i386 | wmaker | < 0.61.1-59 | wmaker-0.61.1-59.i386.rpm |
openSUSE | 7.1 | alpha | windowmaker | < 0.62.1-23 | WindowMaker-0.62.1-23.alpha.rpm |
openSUSE | 7.1 | i386 | windowmaker | < 0.62.1-25 | WindowMaker-0.62.1-25.i386.rpm |
openSUSE | 7.1 | sparc | windowmaker | < 0.62.1-17 | WindowMaker-0.62.1-17.sparc.rpm |
openSUSE | 6.4 | i386 | wmaker | < 0.61.1-59 | wmaker-0.61.1-59.i386.rpm |
openSUSE | 7.1 | ppc | windowmaker | < 0.62.1-18 | WindowMaker-0.62.1-18.ppc.rpm |
openSUSE | 7.0 | sparc | wmaker | < 0.62.1-2 | wmaker-0.62.1-2.sparc.rpm |