Back to search
CVE-2003-0070
Published: Sep 1, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20030224 Terminal Emulator Security Issues
mailing-list
x_refsource_BUGTRAQ
RHSA-2003:053
vendor-advisory
x_refsource_REDHAT
terminal-emulator-window-title(11414)
vdb-entry
x_refsource_XF
20030224 Terminal Emulator Security Issues
mailing-list
x_refsource_VULNWATCH
GLSA-200303-2
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now