Nixpkgs Security Tracker

Dismissed

Permalink CVE-2003-0063

7.3 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month, 1 week ago
@LeSuisse removed
3 packages
- fontxfree86type1
- font-xfree86-type1
- xorg.fontxfree86type1
1 month ago
@LeSuisse dismissed 1 month ago

The xterm terminal emulator in XFree86 4.2.0 and earlier allows …

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

References

DSA-380 vendor-advisory
RHSA-2003:067 vendor-advisory
RHSA-2003:066 vendor-advisory
20030224 Terminal Emulator Security Issues mailing-list
RHSA-2003:064 vendor-advisory
RHSA-2003:065 vendor-advisory
6940 vdb-entry
terminal-emulator-window-title(11414) vdb-entry
20030224 Terminal Emulator Security Issues mailing-list
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list
20030224 Terminal Emulator Security Issues mailing-list
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list
DSA-380 vendor-advisory
RHSA-2003:067 vendor-advisory
RHSA-2003:066 vendor-advisory
20030224 Terminal Emulator Security Issues mailing-list
RHSA-2003:064 vendor-advisory
RHSA-2003:065 vendor-advisory
6940 vdb-entry
terminal-emulator-window-title(11414) vdb-entry
DSA-380 vendor-advisory x_transferred
RHSA-2003:067 vendor-advisory x_transferred
RHSA-2003:066 vendor-advisory x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
RHSA-2003:064 vendor-advisory x_transferred
RHSA-2003:065 vendor-advisory x_transferred
6940 vdb-entry x_transferred
terminal-emulator-window-title(11414) vdb-entry x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list x_transferred
DSA-380 vendor-advisory
RHSA-2003:067 vendor-advisory
RHSA-2003:066 vendor-advisory
20030224 Terminal Emulator Security Issues mailing-list
RHSA-2003:064 vendor-advisory
RHSA-2003:065 vendor-advisory
6940 vdb-entry
terminal-emulator-window-title(11414) vdb-entry
20030224 Terminal Emulator Security Issues mailing-list
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list
RHSA-2003:064 vendor-advisory x_transferred
RHSA-2003:065 vendor-advisory x_transferred
6940 vdb-entry x_transferred
terminal-emulator-window-title(11414) vdb-entry x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list x_transferred
DSA-380 vendor-advisory x_transferred
RHSA-2003:067 vendor-advisory x_transferred
RHSA-2003:066 vendor-advisory x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
DSA-380 vendor-advisory
RHSA-2003:067 vendor-advisory
RHSA-2003:066 vendor-advisory
20030224 Terminal Emulator Security Issues mailing-list
RHSA-2003:064 vendor-advisory
RHSA-2003:065 vendor-advisory
6940 vdb-entry
terminal-emulator-window-title(11414) vdb-entry
20030224 Terminal Emulator Security Issues mailing-list
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list
RHSA-2003:067 vendor-advisory x_transferred
RHSA-2003:066 vendor-advisory x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
RHSA-2003:064 vendor-advisory x_transferred
RHSA-2003:065 vendor-advisory x_transferred
6940 vdb-entry x_transferred
terminal-emulator-window-title(11414) vdb-entry x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list x_transferred
DSA-380 vendor-advisory x_transferred
DSA-380 vendor-advisory
RHSA-2003:067 vendor-advisory
RHSA-2003:066 vendor-advisory
20030224 Terminal Emulator Security Issues mailing-list
RHSA-2003:064 vendor-advisory
RHSA-2003:065 vendor-advisory
6940 vdb-entry
terminal-emulator-window-title(11414) vdb-entry
20030224 Terminal Emulator Security Issues mailing-list
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list
DSA-380 vendor-advisory x_transferred
RHSA-2003:067 vendor-advisory x_transferred
RHSA-2003:066 vendor-advisory x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
RHSA-2003:064 vendor-advisory x_transferred
RHSA-2003:065 vendor-advisory x_transferred
6940 vdb-entry x_transferred
terminal-emulator-window-title(11414) vdb-entry x_transferred
20030224 Terminal Emulator Security Issues mailing-list x_transferred
[oss-security] 20240615 iTerm2 3.5.x title reporting bug mailing-list x_transferred

Affected products

n/a

==n/a

xfree86

=<4.2.0

Old issue. No impact on current stable branch.

Suggestion detail

References

Affected products