RHSA-2009:0019-01 -- Redhat hanterm-xfID: oval:org.secpod.oval:def:500550 | Date: (C)2012-01-31 (M)2023-11-13 |
Class: PATCH | Family: unix |
Hanterm is a replacement for xterm, a X Window System terminal emulator, that supports Hangul input and output. A flaw was found in the Hanterm handling of Device Control Request Status String escape sequences. An attacker could create a malicious text file that could run arbitrary commands if read by a victim inside a Hanterm window. All hanterm-xf users are advised to upgrade to the updated package, which contains a backported patch to resolve this issue. All running instances of hanterm must be restarted for the update to take effect.
Platform: |
Red Hat Enterprise Linux 2.1 |