USN-703-1 -- xterm vulnerabilityID: oval:org.secpod.oval:def:700389 | Date: (C)2011-05-13 (M)2023-11-09 |
Class: PATCH | Family: unix |
Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges
Platform: |
Ubuntu 7.10 |
Ubuntu 8.04 |
Ubuntu 6.06 |
Ubuntu 8.10 |