Back to search
CVE-2008-2383
Published: Jan 2, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33419
third-party-advisory
RHSA-2009:0018
vendor-advisory
254208
vendor-advisory
FEDORA-2009-0154
vendor-advisory
RHSA-2009:0019
vendor-advisory
33388
third-party-advisory
SUSE-SR:2009:003
vendor-advisory
FEDORA-2009-0059
vendor-advisory
oval:org.mitre.oval:def:9317
vdb-entry
signature
35074
third-party-advisory
33418
third-party-advisory
DSA-1694
vendor-advisory
APPLE-SA-2009-05-12
vendor-advisory
SUSE-SR:2009:002
vendor-advisory
33318
third-party-advisory
33568
third-party-advisory
xterm-decrqss-code-execution(47655)
vdb-entry
TA09-133A
third-party-advisory
33397
third-party-advisory
ADV-2009-1297
vdb-entry
33060
vdb-entry
USN-703-1
vendor-advisory
33820
third-party-advisory
1021522
vdb-entry
FEDORA-2023-a004ecb3f8
vendor-advisory
FEDORA-2023-3746647cc3
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now