The xterm program is a terminal emulator for the X Window System. A flaw was found in the xterm handling of Device Control Request Status String escape sequences. An attacker could create a malicious text file that could run arbitrary commands if read by a victim inside an xterm window. All xterm users are advised to upgrade to the updated package, which contains a backported patch to resolve this issue. All running instances of xterm must be restarted for the update to take effect.