Back to search
CVE-2003-0066
Published: Sep 1, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
200303-16
vendor-advisory
x_refsource_GENTOO
MDKSA-2003:003
vendor-advisory
x_refsource_MANDRAKE
20030224 Terminal Emulator Security Issues
mailing-list
x_refsource_BUGTRAQ
RHSA-2003:054
vendor-advisory
x_refsource_REDHAT
RHSA-2003:055
vendor-advisory
x_refsource_REDHAT
6953
vdb-entry
x_refsource_BID
terminal-emulator-window-title(11414)
vdb-entry
x_refsource_XF
20030224 Terminal Emulator Security Issues
mailing-list
x_refsource_VULNWATCH
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now