Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to rxvt-unicode - rxvt-unicode

cve-2006-0126

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.

References

▼	URL	Tags
	http://www.osvdb.org/22223	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/18301	third-party-advisory, x_refsource_SECUNIA
	http://dist.schmorp.de/rxvt-unicode/Changes	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/0052	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.396Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "22223",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22223"
          },
          {
            "name": "18301",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18301"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dist.schmorp.de/rxvt-unicode/Changes"
          },
          {
            "name": "ADV-2006-0052",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0052"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "22223",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22223"
        },
        {
          "name": "18301",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18301"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dist.schmorp.de/rxvt-unicode/Changes"
        },
        {
          "name": "ADV-2006-0052",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0052"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "22223",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22223"
            },
            {
              "name": "18301",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18301"
            },
            {
              "name": "http://dist.schmorp.de/rxvt-unicode/Changes",
              "refsource": "CONFIRM",
              "url": "http://dist.schmorp.de/rxvt-unicode/Changes"
            },
            {
              "name": "ADV-2006-0052",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0052"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0126",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1142

Vulnerability from cvelistv5

Published

2008-04-07 17:00

Modified

2024-08-07 08:08

Severity ?

Summary

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://article.gmane.org/gmane.comp.security.oss.general/122	x_refsource_MISC
	http://secunia.com/advisories/30226	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/28512	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/30229	third-party-advisory, x_refsource_SECUNIA
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	x_refsource_CONFIRM
	http://secunia.com/advisories/31687	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/30225	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/30227	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200805-03.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/30224	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161	vendor-advisory, x_refsource_MANDRIVA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/29576	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2008:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
          },
          {
            "name": "30226",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30226"
          },
          {
            "name": "28512",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28512"
          },
          {
            "name": "30229",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30229"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
          },
          {
            "name": "31687",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31687"
          },
          {
            "name": "30225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30225"
          },
          {
            "name": "30227",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30227"
          },
          {
            "name": "GLSA-200805-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
          },
          {
            "name": "30224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30224"
          },
          {
            "name": "MDVSA-2008:161",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
          },
          {
            "name": "MDVSA-2008:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
          },
          {
            "name": "29576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29576"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-05-13T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SR:2008:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
        },
        {
          "name": "30226",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30226"
        },
        {
          "name": "28512",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28512"
        },
        {
          "name": "30229",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30229"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
        },
        {
          "name": "31687",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31687"
        },
        {
          "name": "30225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30225"
        },
        {
          "name": "30227",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30227"
        },
        {
          "name": "GLSA-200805-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
        },
        {
          "name": "30224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30224"
        },
        {
          "name": "MDVSA-2008:161",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
        },
        {
          "name": "MDVSA-2008:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
        },
        {
          "name": "29576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29576"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2008:017",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
            },
            {
              "name": "http://article.gmane.org/gmane.comp.security.oss.general/122",
              "refsource": "MISC",
              "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
            },
            {
              "name": "30226",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30226"
            },
            {
              "name": "28512",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28512"
            },
            {
              "name": "30229",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30229"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
            },
            {
              "name": "31687",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31687"
            },
            {
              "name": "30225",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30225"
            },
            {
              "name": "30227",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30227"
            },
            {
              "name": "GLSA-200805-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
            },
            {
              "name": "30224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30224"
            },
            {
              "name": "MDVSA-2008:161",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
            },
            {
              "name": "MDVSA-2008:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
            },
            {
              "name": "29576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29576"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1142",
    "datePublished": "2008-04-07T17:00:00",
    "dateReserved": "2008-03-04T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://dist.schmorp.de/rxvt-unicode/Changes
cve@mitre.org	http://secunia.com/advisories/18301	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/22223	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0052
af854a3a-2127-422b-91ae-364da2661108	http://dist.schmorp.de/rxvt-unicode/Changes
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18301	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22223	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0052

Impacted products

	Vendor	Product	Version
	rxvt-unicode	rxvt-unicode	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0312B278-4744-45C7-8C3E-143E9A3BE437",
              "versionEndIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
    }
  ],
  "id": "CVE-2006-0126",
  "lastModified": "2024-11-21T00:05:42.543",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://dist.schmorp.de/rxvt-unicode/Changes"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18301"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/22223"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dist.schmorp.de/rxvt-unicode/Changes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18301"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/22223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0052"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-07 17:44

Modified

2024-11-21 00:43

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://article.gmane.org/gmane.comp.security.oss.general/122
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
cve@mitre.org	http://secunia.com/advisories/29576	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30224	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30225	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30226	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30227	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30229	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31687	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-03.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
cve@mitre.org	http://www.securityfocus.com/bid/28512	Patch
af854a3a-2127-422b-91ae-364da2661108	http://article.gmane.org/gmane.comp.security.oss.general/122
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29576	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30224	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30225	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30226	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30227	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30229	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31687	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28512	Patch

Impacted products

Vendor	Product	Version
aterm	aterm	*
aterm	aterm	0.1.0
aterm	aterm	0.1.1
aterm	aterm	0.2.0
aterm	aterm	0.3.0
aterm	aterm	0.3.1
aterm	aterm	0.3.2
aterm	aterm	0.3.3
aterm	aterm	0.3.4
aterm	aterm	0.3.5
aterm	aterm	0.3.6
aterm	aterm	0.4.0
aterm	aterm	0.4.1
aterm	aterm	0.4.2
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
eterm	eterm	*
eterm	eterm	0.9.2
mrxvt	mrxvt	*
mrxvt	mrxvt	0.4.2
multi-aterm	multi-aterm	*
multi-aterm	multi-aterm	0.0.1
multi-aterm	multi-aterm	0.0.3
multi-aterm	multi-aterm	0.0.4
multi-aterm	multi-aterm	0.0.5
multi-aterm	multi-aterm	0.1
rxvt	rxvt	*
rxvt	rxvt	2.6.1
rxvt	rxvt	2.6.2
rxvt	rxvt	2.6.3
rxvt	rxvt	2.6.4
rxvt	rxvt	2.7.5
rxvt	rxvt	2.7.6
rxvt	rxvt	2.7.7
rxvt	rxvt	2.7.8
rxvt-unicode	rxvt-unicode	*
rxvt-unicode	rxvt-unicode	1.0
rxvt-unicode	rxvt-unicode	1.1
rxvt-unicode	rxvt-unicode	1.2
rxvt-unicode	rxvt-unicode	1.3
rxvt-unicode	rxvt-unicode	1.4
rxvt-unicode	rxvt-unicode	1.5
rxvt-unicode	rxvt-unicode	1.6
rxvt-unicode	rxvt-unicode	1.7
rxvt-unicode	rxvt-unicode	1.8
rxvt-unicode	rxvt-unicode	1.9
rxvt-unicode	rxvt-unicode	1.91
rxvt-unicode	rxvt-unicode	2.0
rxvt-unicode	rxvt-unicode	2.1
rxvt-unicode	rxvt-unicode	2.2
rxvt-unicode	rxvt-unicode	2.3
rxvt-unicode	rxvt-unicode	2.4
rxvt-unicode	rxvt-unicode	2.5
rxvt-unicode	rxvt-unicode	2.6
rxvt-unicode	rxvt-unicode	2.7
rxvt-unicode	rxvt-unicode	2.8
rxvt-unicode	rxvt-unicode	2.9
rxvt-unicode	rxvt-unicode	3.0
rxvt-unicode	rxvt-unicode	3.1
rxvt-unicode	rxvt-unicode	3.2
rxvt-unicode	rxvt-unicode	3.3
rxvt-unicode	rxvt-unicode	3.4
rxvt-unicode	rxvt-unicode	3.5
rxvt-unicode	rxvt-unicode	3.6
rxvt-unicode	rxvt-unicode	3.7
rxvt-unicode	rxvt-unicode	3.8
rxvt-unicode	rxvt-unicode	3.9
rxvt-unicode	rxvt-unicode	4.0
rxvt-unicode	rxvt-unicode	4.1
rxvt-unicode	rxvt-unicode	4.2
rxvt-unicode	rxvt-unicode	4.3
rxvt-unicode	rxvt-unicode	4.4
rxvt-unicode	rxvt-unicode	4.5
rxvt-unicode	rxvt-unicode	4.6
rxvt-unicode	rxvt-unicode	4.7
rxvt-unicode	rxvt-unicode	4.8
rxvt-unicode	rxvt-unicode	4.9
rxvt-unicode	rxvt-unicode	5.0
rxvt-unicode	rxvt-unicode	5.1
rxvt-unicode	rxvt-unicode	5.2
rxvt-unicode	rxvt-unicode	5.3
rxvt-unicode	rxvt-unicode	5.4
rxvt-unicode	rxvt-unicode	5.5
rxvt-unicode	rxvt-unicode	5.6
rxvt-unicode	rxvt-unicode	5.7
rxvt-unicode	rxvt-unicode	5.8
rxvt-unicode	rxvt-unicode	5.9
rxvt-unicode	rxvt-unicode	6.0
rxvt-unicode	rxvt-unicode	6.1
rxvt-unicode	rxvt-unicode	6.2
rxvt-unicode	rxvt-unicode	6.3
rxvt-unicode	rxvt-unicode	7.0
rxvt-unicode	rxvt-unicode	7.1
rxvt-unicode	rxvt-unicode	7.2
rxvt-unicode	rxvt-unicode	7.3
rxvt-unicode	rxvt-unicode	7.4
rxvt-unicode	rxvt-unicode	7.5
rxvt-unicode	rxvt-unicode	7.6
rxvt-unicode	rxvt-unicode	7.7
rxvt-unicode	rxvt-unicode	7.8
rxvt-unicode	rxvt-unicode	7.9
rxvt-unicode	rxvt-unicode	8.0
rxvt-unicode	rxvt-unicode	8.1
rxvt-unicode	rxvt-unicode	8.2
rxvt-unicode	rxvt-unicode	8.3
rxvt-unicode	rxvt-unicode	8.4
rxvt-unicode	rxvt-unicode	8.5
rxvt-unicode	rxvt-unicode	8.5a
rxvt-unicode	rxvt-unicode	8.6
rxvt-unicode	rxvt-unicode	8.7
rxvt-unicode	rxvt-unicode	8.8
rxvt-unicode	rxvt-unicode	8.9
rxvt-unicode	rxvt-unicode	9.0
wterm	wterm	*
wterm	wterm	6.2.5
wterm	wterm	6.2.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:aterm:aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "906079C8-6164-4E15-A171-759A9C2D33CB",
              "versionEndIncluding": "1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFE971D-9704-411B-89EC-2BE46D7E4930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65887C4E-3B44-4AA6-919B-88D987C440E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07EF6773-1416-444A-9CCB-00459BBF30DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB4F3E9-B8C3-4DBB-8686-AEB36D0D7A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9CDB7D2-1EB3-4E08-BFEC-572720079B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65ADF9D-8591-4046-809E-090B13098E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C17CD8-84FA-4A07-A5B3-C3D3CFD701DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6E8374-C6AF-4BF0-8F08-1DFB788FB1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "438FCC6C-14F7-4E09-A83D-CB09A4C087F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DE72EB-BCB3-44D7-84B8-25C098D79ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7237B6AB-CA2C-4F4E-812F-5A5B466E946A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48413ADC-4E8B-4030-919F-06DDB10FEB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDB25A3-56B5-4C4C-83CA-8CAB21E03371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "0EB2756B-E373-475A-AC3F-0D4357BB7410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "6814E277-848C-4B8B-83A7-7E72B0EBC906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E13A6D13-157C-4A9C-9D79-D4C3418A3867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "5CE84A43-27D4-41AB-BFD0-3986137E2748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2367DBAD-54A6-4ADA-83A1-F7DBC3813500",
              "versionEndIncluding": "0.9.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF3630F-CE7F-4A04-8094-1E692D32DF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDEA3F78-F92B-45E2-9406-FDB58FA43021",
              "versionEndIncluding": "0.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C1645E2-E752-4D1B-887D-61A54E165C6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60168674-59D0-42E9-AF75-59E1D67C392D",
              "versionEndIncluding": "0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C575E5-6D9B-48A1-A756-304D8EC480C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B4F027-019B-4C38-BD32-FDC6CF6F27F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "019BA414-15C4-46F5-830F-1EC910C65B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE85183-4BD5-45CA-9723-4EE635D61EE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D5D44E-8936-4B6D-8A83-839F3A0FBE59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB2370B-7366-4291-B602-26342194094C",
              "versionEndIncluding": "2.7.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA71D83-EA61-4B68-9D71-40E660C8E9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB750075-F614-40BA-B26D-CA3826A1B865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FE05CF-F5F3-4F11-853A-36D4A4CA8FD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "16BC9337-A01B-402D-A9A0-AAE0B49355BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED803842-E280-4998-BD7C-CF8048304FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "779E9DE5-58AC-4441-8925-3ADC1E042A8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "287104DA-18C9-400C-B23C-CD569E5F11C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EDF05C-DE07-4C0C-878B-76DD7CFE0C28",
              "versionEndIncluding": "9.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CB9BC7D-3ABE-4262-A705-DAA17A527257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86C5E10-4E22-4E5C-A2E5-575D291301BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA17952-574A-48C3-BC45-B7B8242D89CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "765462C7-1EE5-43BE-AD1E-4FEB74C486F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "499B59D2-8535-4A07-B221-AA26EAACAB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87E8504-8CF7-4AB4-A437-8D15D623EE2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF5A78E-1CA2-47C3-AF35-0F4024F8C57D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB280BBD-663C-4F72-86F6-D67B65F14D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEEF3E4C-0014-4062-BD27-11649D6DC022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AE654A2-DC0C-4764-92E9-45B1890ED9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "263D8B7E-046C-4C68-8FE0-6FE56DCC6140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54383B98-264B-4C5C-9E0F-F06CFC200827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550ED2B1-0273-407A-B9E2-8B219ECF5F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC2A517-FFFF-4266-A900-36F09D2A0B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B30E8A-FD5B-473D-AEDD-96CB8533CE91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "898BFA6D-1874-4DC0-8A23-196011EA6AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D823A-6321-4EC8-B580-27AC0FABA07D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A78B12DC-F538-48B8-9097-A5B6E35190BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E67E56-F415-46E5-A147-19B18EC0CB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1263E928-4629-4627-9C48-3BEF8EA6A8C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8A8C74-F783-4460-95B0-0F70DAAF1214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60169CC8-A154-4250-BCE1-BCF05EDDE840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CCD73D1-AEDE-4775-A242-B37078088577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BE74E8-AAE2-45B0-A27B-425130E94BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76CAB9D-C5E5-452C-9C0B-E5415AB650F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F5C9D0-F4B4-448D-930C-17B037C4AE07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "830E5352-49B6-4941-91C2-03FF48AE6654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B3932-0C64-4F0D-9C27-31F823958FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8C6532-DE29-4071-9156-ABEFACA02BAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA0AFAF1-F061-4C0E-9550-206824C19466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B410B3D-D43A-4A62-9CDB-69C4E16062DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25C6C41-3CD6-4FA8-8223-996B010A40E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BADC5D37-AAB3-4709-A156-D2CDA3AB2D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B96FCB-ABC8-4FBE-B386-4612B3FFF5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4014961-4950-4C2D-9FE8-EBB089F2D080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C939A580-A0CA-4FC9-BCC0-1C7BAB6AB6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D14EE-F1FD-4E1D-BB5E-0E71C3A79186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAF5AC0-C9F3-4096-8071-FDE918291C3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E090BEAD-535D-4CC0-8AEF-C66F6C57657F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727CD66-4D54-4B80-843D-67BF421125A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD5EBFB-B2B6-4E71-A2F7-2ECADFC99DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "931F6A8E-AC22-49A7-ABC8-F9E685C5DB4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD68C4D-47E0-4325-9B7F-A73F455CD7C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C292CB-B53B-4E86-A994-D53154558E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07793F4F-477E-4606-B262-F8216DEEA8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FD7AAA-D27C-4B16-995A-AEC044C9E7C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F175B9E5-999F-4BBC-9B2C-AF71992ABE94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C64A4-5353-43D2-8E60-9222B5C2403D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C262FB71-D4D4-4F1F-9D5A-5F948273EF73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB4F5155-562F-4923-8D21-B99A2E31BA05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "99D71BA3-1491-46F7-B684-30BE37ED79C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "045C0948-0D5C-4A91-B62A-5DA97A7CBCAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F406B34-FFEE-4DF6-8720-C6CD0C786694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2AF031D-8BE0-4D26-98B2-B4484A5F1657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACCD55F-C3DC-4AE4-80F4-C873DCA3F763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6485D96D-95FE-4980-A476-922DBCCB362A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D867F5A-639B-4B4C-87F9-377869D925DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A906623-8A36-4211-98C4-4646A0489936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FFF2C26-2B05-4949-B87A-E1EC1D4A8FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4F3780-BBEB-4355-AFAD-7F69176ECF8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "380F457A-E570-437E-8F23-B354C8BB15A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FCEEC1-7917-4A33-A7DF-6FB35065E8F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "713FF10E-813F-4089-88CF-AB1368CDE376",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB6F305-E6A6-4D74-BEF7-668FE6000529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8484147E-0054-4819-940C-FBDF533D6422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B02585-2315-4143-BE33-47C509CE0D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EBB720-9AC9-42B4-80F7-2FF61020E58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA0D966-9748-4B03-9EA9-63CD3B6990F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7475AFA-46FB-4035-97CB-0F37BCB7DD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A12095D3-CB90-4EEF-B265-AE899BF0BCEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D91F0089-CBE6-4588-9BC0-E7947A050CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7DC56B-C888-4111-A000-27E34166EB95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A730D6E-327B-4E6C-9F38-6AC117EAED8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7521C5A1-0441-4132-92BB-0F4DD93C0BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ADB59B3-5C43-463B-B714-43264052134B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98F8B98-71CB-421E-B2B5-4AF2C9B4BA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3347E60D-297F-425F-9644-9933650081BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5A2D96-4DD9-43C8-BC2B-BF0C65820F3A",
              "versionEndIncluding": "6.2.8a2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "398586ED-E758-4D7A-B4D7-EDE57A044AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "21101465-3B77-441C-BC85-5E63E75A8D4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
    },
    {
      "lang": "es",
      "value": "Rxvt versi\u00f3n 2.6.4 abre una ventana terminal en :0 si no se establece la variable de entorno DISPLAY, lo que podr\u00eda permitir a los usuarios locales secuestrar conexiones X11. NOTA: m\u00e1s tarde se inform\u00f3 que rxvt-unicode, mrxvt, aterm, multi-aterm y wterm tambi\u00e9n se ven afectados. NOTA: escenarios de ataque realistas requieren que la v\u00edctima ingrese un comando en la m\u00e1quina incorrecta"
    }
  ],
  "id": "CVE-2008-1142",
  "lastModified": "2024-11-21T00:43:46.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-07T17:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1142\n\nThis issue does not affect Red Hat Enterprise Linux 3, 4, or 5.\n\nThe Red Hat Security Response Team has rated this issue as having low security impact.  Due to the minimal security consequences of this issue, we do not intend to fix this in Red Hat Enterprise Linux 2.1.  More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
      "lastModified": "2008-04-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}