logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2009-4495

Description

Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. #### Notes Author| Note ---|--- [jdstrand](<https://launchpad.net/~jdstrand>) | if there is a problem, it is the terminal that has the issue


Affected Package


OS OS Version Package Name Package Version
ubuntu 18.04 yaws any
ubuntu 20.04 yaws any
ubuntu 08.10 yaws any
ubuntu 22.04 yaws any
ubuntu upstream yaws any
ubuntu 12.04 yaws any
ubuntu 14.04 yaws any
ubuntu upstream yaws any
ubuntu 16.04 yaws any

Related