[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2003-0063Date: (C)2003-03-03   (M)2023-12-22


The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=bugtraq&m=104612710031920&w=2
BID-6940
DSA-380
RHSA-2003:064
RHSA-2003:065
RHSA-2003:066
RHSA-2003:067
terminal-emulator-window-title(11414)

OVAL    4
oval:org.secpod.oval:def:102525
oval:org.secpod.oval:def:3867
oval:org.secpod.oval:def:101889
oval:org.secpod.oval:def:101749
...

© SecPod Technologies