ALT-PU-2015-2844-1
Package terminology updated to version 0.8.0-alt1 for branch sisyphus in task 140467.
Closed vulnerabilities
Published: 2017-01-24
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8971
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- DSA-3712
- DSA-3712
- [oss-security] 20161104 CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- [oss-security] 20161104 CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- [oss-security] 20161104 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- [oss-security] 20161104 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- [oss-security] 20161107 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- [oss-security] 20161107 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
- 94132
- 94132
- https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5
- https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5