Back to search
CVE-2021-33477
Published: May 20, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.openwall.com/lists/oss-security/2021/05/17/1
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2017/05/01/20
x_refsource_MISC
https://sourceforge.net/projects/rxvt/files/rxvt-dev/
x_refsource_MISC
http://cvs.schmorp.de/rxvt-unicode/Changes?view=log
x_refsource_MISC
https://sourceforge.net/projects/materm/files/mrxvt%20source/
x_refsource_MISC
https://git.enlightenment.org/apps/eterm.git/log/
x_refsource_MISC
GLSA-202105-17
vendor-advisory
x_refsource_GENTOO
[debian-lts-announce] 20210530 [SECURITY] [DLA 2671-1] rxvt-unicode security update
mailing-list
x_refsource_MLIST
FEDORA-2021-a4c0a91884
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-5b96f0f5db
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-c883ca2a37
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-8b85b2de05
vendor-advisory
x_refsource_FEDORA
[debian-lts-announce] 20210609 [SECURITY] [DLA 2681-1] eterm security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20210609 [SECURITY] [DLA 2683-1] rxvt security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20210609 [SECURITY] [DLA 2682-1] mrxvt security update
mailing-list
x_refsource_MLIST
FEDORA-2021-71556a5722
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-0d3268fc35
vendor-advisory
x_refsource_FEDORA
GLSA-202209-07
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now