Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to eterm - eterm

Vulnerability from fkie_nvd

Published

2008-04-07 18:44

Modified

2024-11-21 00:45

Severity ?

Summary

Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

References

URL	Tags
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127
cve@mitre.org	http://secunia.com/advisories/29577	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-03.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:222
cve@mitre.org	http://www.securityfocus.com/bid/28512
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29577	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:222
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28512

Impacted products

	Vendor	Product	Version
	eterm	eterm	0.9.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eterm:eterm:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F31693-5ABD-4675-81D5-6BFF5AEBEFFD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
    },
    {
      "lang": "es",
      "value": "Eterm versi\u00f3n 0.9.4 abre una ventana terminal en :0 si -display no se especifica y no se establece la variable de entorno DISPLAY, lo que podr\u00eda permitir a los usuarios locales secuestrar conexiones X11. NOTA: escenarios de ataque realistas requieren que la v\u00edctima ingrese un comando en la m\u00e1quina incorrecta."
    }
  ],
  "id": "CVE-2008-1692",
  "lastModified": "2024-11-21T00:45:06.853",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-07T18:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29577"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:222"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28512"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-07 17:44

Modified

2024-11-21 00:43

Severity ?

Summary

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

References

URL	Tags
cve@mitre.org	http://article.gmane.org/gmane.comp.security.oss.general/122
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
cve@mitre.org	http://secunia.com/advisories/29576	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30224	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30225	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30226	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30227	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30229	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31687	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-03.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
cve@mitre.org	http://www.securityfocus.com/bid/28512	Patch
af854a3a-2127-422b-91ae-364da2661108	http://article.gmane.org/gmane.comp.security.oss.general/122
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29576	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30224	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30225	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30226	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30227	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30229	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31687	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28512	Patch

Impacted products

Vendor	Product	Version
aterm	aterm	*
aterm	aterm	0.1.0
aterm	aterm	0.1.1
aterm	aterm	0.2.0
aterm	aterm	0.3.0
aterm	aterm	0.3.1
aterm	aterm	0.3.2
aterm	aterm	0.3.3
aterm	aterm	0.3.4
aterm	aterm	0.3.5
aterm	aterm	0.3.6
aterm	aterm	0.4.0
aterm	aterm	0.4.1
aterm	aterm	0.4.2
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
eterm	eterm	*
eterm	eterm	0.9.2
mrxvt	mrxvt	*
mrxvt	mrxvt	0.4.2
multi-aterm	multi-aterm	*
multi-aterm	multi-aterm	0.0.1
multi-aterm	multi-aterm	0.0.3
multi-aterm	multi-aterm	0.0.4
multi-aterm	multi-aterm	0.0.5
multi-aterm	multi-aterm	0.1
rxvt	rxvt	*
rxvt	rxvt	2.6.1
rxvt	rxvt	2.6.2
rxvt	rxvt	2.6.3
rxvt	rxvt	2.6.4
rxvt	rxvt	2.7.5
rxvt	rxvt	2.7.6
rxvt	rxvt	2.7.7
rxvt	rxvt	2.7.8
rxvt-unicode	rxvt-unicode	*
rxvt-unicode	rxvt-unicode	1.0
rxvt-unicode	rxvt-unicode	1.1
rxvt-unicode	rxvt-unicode	1.2
rxvt-unicode	rxvt-unicode	1.3
rxvt-unicode	rxvt-unicode	1.4
rxvt-unicode	rxvt-unicode	1.5
rxvt-unicode	rxvt-unicode	1.6
rxvt-unicode	rxvt-unicode	1.7
rxvt-unicode	rxvt-unicode	1.8
rxvt-unicode	rxvt-unicode	1.9
rxvt-unicode	rxvt-unicode	1.91
rxvt-unicode	rxvt-unicode	2.0
rxvt-unicode	rxvt-unicode	2.1
rxvt-unicode	rxvt-unicode	2.2
rxvt-unicode	rxvt-unicode	2.3
rxvt-unicode	rxvt-unicode	2.4
rxvt-unicode	rxvt-unicode	2.5
rxvt-unicode	rxvt-unicode	2.6
rxvt-unicode	rxvt-unicode	2.7
rxvt-unicode	rxvt-unicode	2.8
rxvt-unicode	rxvt-unicode	2.9
rxvt-unicode	rxvt-unicode	3.0
rxvt-unicode	rxvt-unicode	3.1
rxvt-unicode	rxvt-unicode	3.2
rxvt-unicode	rxvt-unicode	3.3
rxvt-unicode	rxvt-unicode	3.4
rxvt-unicode	rxvt-unicode	3.5
rxvt-unicode	rxvt-unicode	3.6
rxvt-unicode	rxvt-unicode	3.7
rxvt-unicode	rxvt-unicode	3.8
rxvt-unicode	rxvt-unicode	3.9
rxvt-unicode	rxvt-unicode	4.0
rxvt-unicode	rxvt-unicode	4.1
rxvt-unicode	rxvt-unicode	4.2
rxvt-unicode	rxvt-unicode	4.3
rxvt-unicode	rxvt-unicode	4.4
rxvt-unicode	rxvt-unicode	4.5
rxvt-unicode	rxvt-unicode	4.6
rxvt-unicode	rxvt-unicode	4.7
rxvt-unicode	rxvt-unicode	4.8
rxvt-unicode	rxvt-unicode	4.9
rxvt-unicode	rxvt-unicode	5.0
rxvt-unicode	rxvt-unicode	5.1
rxvt-unicode	rxvt-unicode	5.2
rxvt-unicode	rxvt-unicode	5.3
rxvt-unicode	rxvt-unicode	5.4
rxvt-unicode	rxvt-unicode	5.5
rxvt-unicode	rxvt-unicode	5.6
rxvt-unicode	rxvt-unicode	5.7
rxvt-unicode	rxvt-unicode	5.8
rxvt-unicode	rxvt-unicode	5.9
rxvt-unicode	rxvt-unicode	6.0
rxvt-unicode	rxvt-unicode	6.1
rxvt-unicode	rxvt-unicode	6.2
rxvt-unicode	rxvt-unicode	6.3
rxvt-unicode	rxvt-unicode	7.0
rxvt-unicode	rxvt-unicode	7.1
rxvt-unicode	rxvt-unicode	7.2
rxvt-unicode	rxvt-unicode	7.3
rxvt-unicode	rxvt-unicode	7.4
rxvt-unicode	rxvt-unicode	7.5
rxvt-unicode	rxvt-unicode	7.6
rxvt-unicode	rxvt-unicode	7.7
rxvt-unicode	rxvt-unicode	7.8
rxvt-unicode	rxvt-unicode	7.9
rxvt-unicode	rxvt-unicode	8.0
rxvt-unicode	rxvt-unicode	8.1
rxvt-unicode	rxvt-unicode	8.2
rxvt-unicode	rxvt-unicode	8.3
rxvt-unicode	rxvt-unicode	8.4
rxvt-unicode	rxvt-unicode	8.5
rxvt-unicode	rxvt-unicode	8.5a
rxvt-unicode	rxvt-unicode	8.6
rxvt-unicode	rxvt-unicode	8.7
rxvt-unicode	rxvt-unicode	8.8
rxvt-unicode	rxvt-unicode	8.9
rxvt-unicode	rxvt-unicode	9.0
wterm	wterm	*
wterm	wterm	6.2.5
wterm	wterm	6.2.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:aterm:aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "906079C8-6164-4E15-A171-759A9C2D33CB",
              "versionEndIncluding": "1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFE971D-9704-411B-89EC-2BE46D7E4930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65887C4E-3B44-4AA6-919B-88D987C440E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07EF6773-1416-444A-9CCB-00459BBF30DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB4F3E9-B8C3-4DBB-8686-AEB36D0D7A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9CDB7D2-1EB3-4E08-BFEC-572720079B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65ADF9D-8591-4046-809E-090B13098E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C17CD8-84FA-4A07-A5B3-C3D3CFD701DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6E8374-C6AF-4BF0-8F08-1DFB788FB1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "438FCC6C-14F7-4E09-A83D-CB09A4C087F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DE72EB-BCB3-44D7-84B8-25C098D79ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7237B6AB-CA2C-4F4E-812F-5A5B466E946A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48413ADC-4E8B-4030-919F-06DDB10FEB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDB25A3-56B5-4C4C-83CA-8CAB21E03371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "0EB2756B-E373-475A-AC3F-0D4357BB7410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "6814E277-848C-4B8B-83A7-7E72B0EBC906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E13A6D13-157C-4A9C-9D79-D4C3418A3867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "5CE84A43-27D4-41AB-BFD0-3986137E2748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2367DBAD-54A6-4ADA-83A1-F7DBC3813500",
              "versionEndIncluding": "0.9.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF3630F-CE7F-4A04-8094-1E692D32DF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDEA3F78-F92B-45E2-9406-FDB58FA43021",
              "versionEndIncluding": "0.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C1645E2-E752-4D1B-887D-61A54E165C6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60168674-59D0-42E9-AF75-59E1D67C392D",
              "versionEndIncluding": "0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C575E5-6D9B-48A1-A756-304D8EC480C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B4F027-019B-4C38-BD32-FDC6CF6F27F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "019BA414-15C4-46F5-830F-1EC910C65B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE85183-4BD5-45CA-9723-4EE635D61EE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D5D44E-8936-4B6D-8A83-839F3A0FBE59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB2370B-7366-4291-B602-26342194094C",
              "versionEndIncluding": "2.7.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA71D83-EA61-4B68-9D71-40E660C8E9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB750075-F614-40BA-B26D-CA3826A1B865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FE05CF-F5F3-4F11-853A-36D4A4CA8FD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "16BC9337-A01B-402D-A9A0-AAE0B49355BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED803842-E280-4998-BD7C-CF8048304FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "779E9DE5-58AC-4441-8925-3ADC1E042A8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "287104DA-18C9-400C-B23C-CD569E5F11C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EDF05C-DE07-4C0C-878B-76DD7CFE0C28",
              "versionEndIncluding": "9.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CB9BC7D-3ABE-4262-A705-DAA17A527257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86C5E10-4E22-4E5C-A2E5-575D291301BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA17952-574A-48C3-BC45-B7B8242D89CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "765462C7-1EE5-43BE-AD1E-4FEB74C486F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "499B59D2-8535-4A07-B221-AA26EAACAB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87E8504-8CF7-4AB4-A437-8D15D623EE2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF5A78E-1CA2-47C3-AF35-0F4024F8C57D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB280BBD-663C-4F72-86F6-D67B65F14D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEEF3E4C-0014-4062-BD27-11649D6DC022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AE654A2-DC0C-4764-92E9-45B1890ED9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "263D8B7E-046C-4C68-8FE0-6FE56DCC6140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54383B98-264B-4C5C-9E0F-F06CFC200827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550ED2B1-0273-407A-B9E2-8B219ECF5F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC2A517-FFFF-4266-A900-36F09D2A0B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B30E8A-FD5B-473D-AEDD-96CB8533CE91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "898BFA6D-1874-4DC0-8A23-196011EA6AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D823A-6321-4EC8-B580-27AC0FABA07D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A78B12DC-F538-48B8-9097-A5B6E35190BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E67E56-F415-46E5-A147-19B18EC0CB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1263E928-4629-4627-9C48-3BEF8EA6A8C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8A8C74-F783-4460-95B0-0F70DAAF1214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60169CC8-A154-4250-BCE1-BCF05EDDE840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CCD73D1-AEDE-4775-A242-B37078088577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BE74E8-AAE2-45B0-A27B-425130E94BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76CAB9D-C5E5-452C-9C0B-E5415AB650F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F5C9D0-F4B4-448D-930C-17B037C4AE07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "830E5352-49B6-4941-91C2-03FF48AE6654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B3932-0C64-4F0D-9C27-31F823958FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8C6532-DE29-4071-9156-ABEFACA02BAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA0AFAF1-F061-4C0E-9550-206824C19466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B410B3D-D43A-4A62-9CDB-69C4E16062DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25C6C41-3CD6-4FA8-8223-996B010A40E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BADC5D37-AAB3-4709-A156-D2CDA3AB2D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B96FCB-ABC8-4FBE-B386-4612B3FFF5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4014961-4950-4C2D-9FE8-EBB089F2D080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C939A580-A0CA-4FC9-BCC0-1C7BAB6AB6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D14EE-F1FD-4E1D-BB5E-0E71C3A79186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAF5AC0-C9F3-4096-8071-FDE918291C3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E090BEAD-535D-4CC0-8AEF-C66F6C57657F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727CD66-4D54-4B80-843D-67BF421125A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD5EBFB-B2B6-4E71-A2F7-2ECADFC99DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "931F6A8E-AC22-49A7-ABC8-F9E685C5DB4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD68C4D-47E0-4325-9B7F-A73F455CD7C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C292CB-B53B-4E86-A994-D53154558E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07793F4F-477E-4606-B262-F8216DEEA8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FD7AAA-D27C-4B16-995A-AEC044C9E7C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F175B9E5-999F-4BBC-9B2C-AF71992ABE94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C64A4-5353-43D2-8E60-9222B5C2403D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C262FB71-D4D4-4F1F-9D5A-5F948273EF73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB4F5155-562F-4923-8D21-B99A2E31BA05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "99D71BA3-1491-46F7-B684-30BE37ED79C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "045C0948-0D5C-4A91-B62A-5DA97A7CBCAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F406B34-FFEE-4DF6-8720-C6CD0C786694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2AF031D-8BE0-4D26-98B2-B4484A5F1657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACCD55F-C3DC-4AE4-80F4-C873DCA3F763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6485D96D-95FE-4980-A476-922DBCCB362A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D867F5A-639B-4B4C-87F9-377869D925DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A906623-8A36-4211-98C4-4646A0489936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FFF2C26-2B05-4949-B87A-E1EC1D4A8FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4F3780-BBEB-4355-AFAD-7F69176ECF8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "380F457A-E570-437E-8F23-B354C8BB15A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FCEEC1-7917-4A33-A7DF-6FB35065E8F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "713FF10E-813F-4089-88CF-AB1368CDE376",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB6F305-E6A6-4D74-BEF7-668FE6000529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8484147E-0054-4819-940C-FBDF533D6422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B02585-2315-4143-BE33-47C509CE0D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EBB720-9AC9-42B4-80F7-2FF61020E58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA0D966-9748-4B03-9EA9-63CD3B6990F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7475AFA-46FB-4035-97CB-0F37BCB7DD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A12095D3-CB90-4EEF-B265-AE899BF0BCEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D91F0089-CBE6-4588-9BC0-E7947A050CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7DC56B-C888-4111-A000-27E34166EB95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A730D6E-327B-4E6C-9F38-6AC117EAED8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7521C5A1-0441-4132-92BB-0F4DD93C0BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ADB59B3-5C43-463B-B714-43264052134B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98F8B98-71CB-421E-B2B5-4AF2C9B4BA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3347E60D-297F-425F-9644-9933650081BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5A2D96-4DD9-43C8-BC2B-BF0C65820F3A",
              "versionEndIncluding": "6.2.8a2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "398586ED-E758-4D7A-B4D7-EDE57A044AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "21101465-3B77-441C-BC85-5E63E75A8D4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
    },
    {
      "lang": "es",
      "value": "Rxvt versi\u00f3n 2.6.4 abre una ventana terminal en :0 si no se establece la variable de entorno DISPLAY, lo que podr\u00eda permitir a los usuarios locales secuestrar conexiones X11. NOTA: m\u00e1s tarde se inform\u00f3 que rxvt-unicode, mrxvt, aterm, multi-aterm y wterm tambi\u00e9n se ven afectados. NOTA: escenarios de ataque realistas requieren que la v\u00edctima ingrese un comando en la m\u00e1quina incorrecta"
    }
  ],
  "id": "CVE-2008-1142",
  "lastModified": "2024-11-21T00:43:46.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-07T17:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1142\n\nThis issue does not affect Red Hat Enterprise Linux 3, 4, or 5.\n\nThe Red Hat Security Response Team has rated this issue as having low security impact.  Due to the minimal security consequences of this issue, we do not intend to fix this in Red Hat Enterprise Linux 2.1.  More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
      "lastModified": "2008-04-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2008-1692

Vulnerability from cvelistv5

Published

2008-04-07 18:00

Modified

2024-08-07 08:32

Severity ?

Summary

References

▼	URL	Tags
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127	x_refsource_MISC
	http://www.securityfocus.com/bid/28512	vdb-entry, x_refsource_BID
	http://security.gentoo.org/glsa/glsa-200805-03.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/29577	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:222	vendor-advisory, x_refsource_MANDRIVA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:32:01.254Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127"
          },
          {
            "name": "28512",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28512"
          },
          {
            "name": "GLSA-200805-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
          },
          {
            "name": "29577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29577"
          },
          {
            "name": "MDVSA-2008:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:222"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-05-13T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127"
        },
        {
          "name": "28512",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28512"
        },
        {
          "name": "GLSA-200805-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
        },
        {
          "name": "29577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29577"
        },
        {
          "name": "MDVSA-2008:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:222"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1692",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127"
            },
            {
              "name": "28512",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28512"
            },
            {
              "name": "GLSA-200805-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
            },
            {
              "name": "29577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29577"
            },
            {
              "name": "MDVSA-2008:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:222"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1692",
    "datePublished": "2008-04-07T18:00:00",
    "dateReserved": "2008-04-07T00:00:00",
    "dateUpdated": "2024-08-07T08:32:01.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1142

Vulnerability from cvelistv5

Published

2008-04-07 17:00

Modified

2024-08-07 08:08

Severity ?

Summary

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://article.gmane.org/gmane.comp.security.oss.general/122	x_refsource_MISC
	http://secunia.com/advisories/30226	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/28512	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/30229	third-party-advisory, x_refsource_SECUNIA
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	x_refsource_CONFIRM
	http://secunia.com/advisories/31687	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/30225	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/30227	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200805-03.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/30224	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161	vendor-advisory, x_refsource_MANDRIVA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/29576	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2008:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
          },
          {
            "name": "30226",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30226"
          },
          {
            "name": "28512",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28512"
          },
          {
            "name": "30229",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30229"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
          },
          {
            "name": "31687",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31687"
          },
          {
            "name": "30225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30225"
          },
          {
            "name": "30227",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30227"
          },
          {
            "name": "GLSA-200805-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
          },
          {
            "name": "30224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30224"
          },
          {
            "name": "MDVSA-2008:161",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
          },
          {
            "name": "MDVSA-2008:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
          },
          {
            "name": "29576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29576"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-05-13T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SR:2008:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
        },
        {
          "name": "30226",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30226"
        },
        {
          "name": "28512",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28512"
        },
        {
          "name": "30229",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30229"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
        },
        {
          "name": "31687",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31687"
        },
        {
          "name": "30225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30225"
        },
        {
          "name": "30227",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30227"
        },
        {
          "name": "GLSA-200805-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
        },
        {
          "name": "30224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30224"
        },
        {
          "name": "MDVSA-2008:161",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
        },
        {
          "name": "MDVSA-2008:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
        },
        {
          "name": "29576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29576"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2008:017",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
            },
            {
              "name": "http://article.gmane.org/gmane.comp.security.oss.general/122",
              "refsource": "MISC",
              "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
            },
            {
              "name": "30226",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30226"
            },
            {
              "name": "28512",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28512"
            },
            {
              "name": "30229",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30229"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
            },
            {
              "name": "31687",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31687"
            },
            {
              "name": "30225",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30225"
            },
            {
              "name": "30227",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30227"
            },
            {
              "name": "GLSA-200805-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
            },
            {
              "name": "30224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30224"
            },
            {
              "name": "MDVSA-2008:161",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
            },
            {
              "name": "MDVSA-2008:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
            },
            {
              "name": "29576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29576"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1142",
    "datePublished": "2008-04-07T17:00:00",
    "dateReserved": "2008-03-04T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}