Lucene search

K
ubuntuUbuntuUSN-962-1
HistoryJul 15, 2010 - 12:00 a.m.

VTE vulnerability

2010-07-1500:00:00
ubuntu.com
42

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.052

Percentile

93.0%

Releases

  • Ubuntu 10.04
  • Ubuntu 9.10
  • Ubuntu 9.04

Packages

  • vte - Terminal emulator widget for GTK+ 2.0

Details

Janne Snabb discovered that applications using VTE, such as gnome-terminal,
did not correctly filter window and icon title request escape codes. If a
user were tricked into viewing specially crafted output in their terminal,
a remote attacker could execute arbitrary commands with user privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlibvte9< 1:0.22.2-0ubuntu2.1UNKNOWN
Ubuntu9.10noarchlibvte-dev< 1:0.22.2-0ubuntu2.1UNKNOWN
Ubuntu9.10noarchlibvte9-udeb< 1:0.22.2-0ubuntu2.1UNKNOWN
Ubuntu9.10noarchpython-vte< 1:0.22.2-0ubuntu2.1UNKNOWN
Ubuntu9.10noarchpython-vte-dbg< 1:0.22.2-0ubuntu2.1UNKNOWN
Ubuntu9.04noarchlibvte9< 1:0.20.0-0ubuntu2.1UNKNOWN
Ubuntu9.04noarchlibvte-dev< 1:0.20.0-0ubuntu2.1UNKNOWN
Ubuntu9.04noarchlibvte9-udeb< 1:0.20.0-0ubuntu2.1UNKNOWN
Ubuntu9.04noarchpython-vte< 1:0.20.0-0ubuntu2.1UNKNOWN
Ubuntu9.04noarchpython-vte-dbg< 1:0.20.0-0ubuntu2.1UNKNOWN
Rows per page:
1-10 of 151

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.052

Percentile

93.0%