RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| marc_lehmann | rxvt-unicode | 3.5 |
| marc_lehmann | rxvt-unicode | 3.4 |
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| marc_lehmann | rxvt-unicode | 4.3 |
| marc_lehmann | rxvt-unicode | 4.8 |
| marc_lehmann | rxvt-unicode | 5.2 |
| marc_lehmann | rxvt-unicode | 3.7 |
| marc_lehmann | rxvt-unicode | 4.5 |
| marc_lehmann | rxvt-unicode | 4.6 |
| marc_lehmann | rxvt-unicode | 3.4 |
| marc_lehmann | rxvt-unicode | 3.6 |
| marc_lehmann | rxvt-unicode | 4.9 |
| marc_lehmann | rxvt-unicode | 4.4 |
| marc_lehmann | rxvt-unicode | 4.1 |
| marc_lehmann | rxvt-unicode | 3.8 |
| marc_lehmann | rxvt-unicode | 4.2 |
| marc_lehmann | rxvt-unicode | 3.9 |
| marc_lehmann | rxvt-unicode | 3.5 |
| marc_lehmann | rxvt-unicode | 5.0 |
| marc_lehmann | rxvt-unicode | 5.1 |
| marc_lehmann | rxvt-unicode | 4.7 |
| marc_lehmann | rxvt-unicode | 4.0 |
rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| marc_lehmann | rxvt-unicode | 9.01 |
| marc_lehmann | rxvt-unicode | 9.07 |
| marc_lehmann | rxvt-unicode | 9.06 |
| marc_lehmann | rxvt-unicode | 9.09 |
| marc_lehmann | rxvt-unicode | 9.15 |
| marc_lehmann | rxvt-unicode | * |
| marc_lehmann | rxvt-unicode | 9.05 |
| marc_lehmann | rxvt-unicode | 9.16 |
| marc_lehmann | rxvt-unicode | 9.14 |
| marc_lehmann | rxvt-unicode | 9.0 |
| marc_lehmann | rxvt-unicode | 9.18 |
| marc_lehmann | rxvt-unicode | 9.11 |
| marc_lehmann | rxvt-unicode | 9.08 |
| marc_lehmann | rxvt-unicode | 9.02 |
| marc_lehmann | rxvt-unicode | 9.10 |
| marc_lehmann | rxvt-unicode | 9.17 |
| marc_lehmann | rxvt-unicode | 9.12 |