fkie_nvd - fkie_cve-2008-1142

FKIE_CVE-2008-1142

Vulnerability from fkie_nvd - Published: 2008-04-07 17:44 - Updated: 2025-04-09 00:30

Severity ?

Summary

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

References

URL	Tags
cve@mitre.org	http://article.gmane.org/gmane.comp.security.oss.general/122
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
cve@mitre.org	http://secunia.com/advisories/29576	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30224	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30225	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30226	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30227	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30229	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31687	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200805-03.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
cve@mitre.org	http://www.securityfocus.com/bid/28512	Patch
af854a3a-2127-422b-91ae-364da2661108	http://article.gmane.org/gmane.comp.security.oss.general/122
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29576	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30224	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30225	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30226	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30227	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30229	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31687	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28512	Patch

Impacted products

Vendor	Product	Version
aterm	aterm	*
aterm	aterm	0.1.0
aterm	aterm	0.1.1
aterm	aterm	0.2.0
aterm	aterm	0.3.0
aterm	aterm	0.3.1
aterm	aterm	0.3.2
aterm	aterm	0.3.3
aterm	aterm	0.3.4
aterm	aterm	0.3.5
aterm	aterm	0.3.6
aterm	aterm	0.4.0
aterm	aterm	0.4.1
aterm	aterm	0.4.2
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
aterm	aterm	1.00
eterm	eterm	*
eterm	eterm	0.9.2
mrxvt	mrxvt	*
mrxvt	mrxvt	0.4.2
multi-aterm	multi-aterm	*
multi-aterm	multi-aterm	0.0.1
multi-aterm	multi-aterm	0.0.3
multi-aterm	multi-aterm	0.0.4
multi-aterm	multi-aterm	0.0.5
multi-aterm	multi-aterm	0.1
rxvt	rxvt	*
rxvt	rxvt	2.6.1
rxvt	rxvt	2.6.2
rxvt	rxvt	2.6.3
rxvt	rxvt	2.6.4
rxvt	rxvt	2.7.5
rxvt	rxvt	2.7.6
rxvt	rxvt	2.7.7
rxvt	rxvt	2.7.8
rxvt-unicode	rxvt-unicode	*
rxvt-unicode	rxvt-unicode	1.0
rxvt-unicode	rxvt-unicode	1.1
rxvt-unicode	rxvt-unicode	1.2
rxvt-unicode	rxvt-unicode	1.3
rxvt-unicode	rxvt-unicode	1.4
rxvt-unicode	rxvt-unicode	1.5
rxvt-unicode	rxvt-unicode	1.6
rxvt-unicode	rxvt-unicode	1.7
rxvt-unicode	rxvt-unicode	1.8
rxvt-unicode	rxvt-unicode	1.9
rxvt-unicode	rxvt-unicode	1.91
rxvt-unicode	rxvt-unicode	2.0
rxvt-unicode	rxvt-unicode	2.1
rxvt-unicode	rxvt-unicode	2.2
rxvt-unicode	rxvt-unicode	2.3
rxvt-unicode	rxvt-unicode	2.4
rxvt-unicode	rxvt-unicode	2.5
rxvt-unicode	rxvt-unicode	2.6
rxvt-unicode	rxvt-unicode	2.7
rxvt-unicode	rxvt-unicode	2.8
rxvt-unicode	rxvt-unicode	2.9
rxvt-unicode	rxvt-unicode	3.0
rxvt-unicode	rxvt-unicode	3.1
rxvt-unicode	rxvt-unicode	3.2
rxvt-unicode	rxvt-unicode	3.3
rxvt-unicode	rxvt-unicode	3.4
rxvt-unicode	rxvt-unicode	3.5
rxvt-unicode	rxvt-unicode	3.6
rxvt-unicode	rxvt-unicode	3.7
rxvt-unicode	rxvt-unicode	3.8
rxvt-unicode	rxvt-unicode	3.9
rxvt-unicode	rxvt-unicode	4.0
rxvt-unicode	rxvt-unicode	4.1
rxvt-unicode	rxvt-unicode	4.2
rxvt-unicode	rxvt-unicode	4.3
rxvt-unicode	rxvt-unicode	4.4
rxvt-unicode	rxvt-unicode	4.5
rxvt-unicode	rxvt-unicode	4.6
rxvt-unicode	rxvt-unicode	4.7
rxvt-unicode	rxvt-unicode	4.8
rxvt-unicode	rxvt-unicode	4.9
rxvt-unicode	rxvt-unicode	5.0
rxvt-unicode	rxvt-unicode	5.1
rxvt-unicode	rxvt-unicode	5.2
rxvt-unicode	rxvt-unicode	5.3
rxvt-unicode	rxvt-unicode	5.4
rxvt-unicode	rxvt-unicode	5.5
rxvt-unicode	rxvt-unicode	5.6
rxvt-unicode	rxvt-unicode	5.7
rxvt-unicode	rxvt-unicode	5.8
rxvt-unicode	rxvt-unicode	5.9
rxvt-unicode	rxvt-unicode	6.0
rxvt-unicode	rxvt-unicode	6.1
rxvt-unicode	rxvt-unicode	6.2
rxvt-unicode	rxvt-unicode	6.3
rxvt-unicode	rxvt-unicode	7.0
rxvt-unicode	rxvt-unicode	7.1
rxvt-unicode	rxvt-unicode	7.2
rxvt-unicode	rxvt-unicode	7.3
rxvt-unicode	rxvt-unicode	7.4
rxvt-unicode	rxvt-unicode	7.5
rxvt-unicode	rxvt-unicode	7.6
rxvt-unicode	rxvt-unicode	7.7
rxvt-unicode	rxvt-unicode	7.8
rxvt-unicode	rxvt-unicode	7.9
rxvt-unicode	rxvt-unicode	8.0
rxvt-unicode	rxvt-unicode	8.1
rxvt-unicode	rxvt-unicode	8.2
rxvt-unicode	rxvt-unicode	8.3
rxvt-unicode	rxvt-unicode	8.4
rxvt-unicode	rxvt-unicode	8.5
rxvt-unicode	rxvt-unicode	8.5a
rxvt-unicode	rxvt-unicode	8.6
rxvt-unicode	rxvt-unicode	8.7
rxvt-unicode	rxvt-unicode	8.8
rxvt-unicode	rxvt-unicode	8.9
rxvt-unicode	rxvt-unicode	9.0
wterm	wterm	*
wterm	wterm	6.2.5
wterm	wterm	6.2.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:aterm:aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "906079C8-6164-4E15-A171-759A9C2D33CB",
              "versionEndIncluding": "1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFE971D-9704-411B-89EC-2BE46D7E4930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65887C4E-3B44-4AA6-919B-88D987C440E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07EF6773-1416-444A-9CCB-00459BBF30DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB4F3E9-B8C3-4DBB-8686-AEB36D0D7A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9CDB7D2-1EB3-4E08-BFEC-572720079B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65ADF9D-8591-4046-809E-090B13098E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C17CD8-84FA-4A07-A5B3-C3D3CFD701DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6E8374-C6AF-4BF0-8F08-1DFB788FB1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "438FCC6C-14F7-4E09-A83D-CB09A4C087F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DE72EB-BCB3-44D7-84B8-25C098D79ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7237B6AB-CA2C-4F4E-812F-5A5B466E946A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48413ADC-4E8B-4030-919F-06DDB10FEB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDB25A3-56B5-4C4C-83CA-8CAB21E03371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "0EB2756B-E373-475A-AC3F-0D4357BB7410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "6814E277-848C-4B8B-83A7-7E72B0EBC906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E13A6D13-157C-4A9C-9D79-D4C3418A3867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:aterm:aterm:1.00:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "5CE84A43-27D4-41AB-BFD0-3986137E2748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2367DBAD-54A6-4ADA-83A1-F7DBC3813500",
              "versionEndIncluding": "0.9.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eterm:eterm:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF3630F-CE7F-4A04-8094-1E692D32DF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDEA3F78-F92B-45E2-9406-FDB58FA43021",
              "versionEndIncluding": "0.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mrxvt:mrxvt:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C1645E2-E752-4D1B-887D-61A54E165C6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60168674-59D0-42E9-AF75-59E1D67C392D",
              "versionEndIncluding": "0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C575E5-6D9B-48A1-A756-304D8EC480C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B4F027-019B-4C38-BD32-FDC6CF6F27F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "019BA414-15C4-46F5-830F-1EC910C65B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE85183-4BD5-45CA-9723-4EE635D61EE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D5D44E-8936-4B6D-8A83-839F3A0FBE59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB2370B-7366-4291-B602-26342194094C",
              "versionEndIncluding": "2.7.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA71D83-EA61-4B68-9D71-40E660C8E9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB750075-F614-40BA-B26D-CA3826A1B865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FE05CF-F5F3-4F11-853A-36D4A4CA8FD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "16BC9337-A01B-402D-A9A0-AAE0B49355BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED803842-E280-4998-BD7C-CF8048304FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "779E9DE5-58AC-4441-8925-3ADC1E042A8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt:rxvt:2.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "287104DA-18C9-400C-B23C-CD569E5F11C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EDF05C-DE07-4C0C-878B-76DD7CFE0C28",
              "versionEndIncluding": "9.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CB9BC7D-3ABE-4262-A705-DAA17A527257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86C5E10-4E22-4E5C-A2E5-575D291301BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA17952-574A-48C3-BC45-B7B8242D89CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "765462C7-1EE5-43BE-AD1E-4FEB74C486F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "499B59D2-8535-4A07-B221-AA26EAACAB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87E8504-8CF7-4AB4-A437-8D15D623EE2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF5A78E-1CA2-47C3-AF35-0F4024F8C57D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB280BBD-663C-4F72-86F6-D67B65F14D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEEF3E4C-0014-4062-BD27-11649D6DC022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AE654A2-DC0C-4764-92E9-45B1890ED9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "263D8B7E-046C-4C68-8FE0-6FE56DCC6140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54383B98-264B-4C5C-9E0F-F06CFC200827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550ED2B1-0273-407A-B9E2-8B219ECF5F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC2A517-FFFF-4266-A900-36F09D2A0B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B30E8A-FD5B-473D-AEDD-96CB8533CE91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "898BFA6D-1874-4DC0-8A23-196011EA6AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D823A-6321-4EC8-B580-27AC0FABA07D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A78B12DC-F538-48B8-9097-A5B6E35190BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E67E56-F415-46E5-A147-19B18EC0CB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1263E928-4629-4627-9C48-3BEF8EA6A8C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8A8C74-F783-4460-95B0-0F70DAAF1214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60169CC8-A154-4250-BCE1-BCF05EDDE840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CCD73D1-AEDE-4775-A242-B37078088577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BE74E8-AAE2-45B0-A27B-425130E94BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76CAB9D-C5E5-452C-9C0B-E5415AB650F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F5C9D0-F4B4-448D-930C-17B037C4AE07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "830E5352-49B6-4941-91C2-03FF48AE6654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B3932-0C64-4F0D-9C27-31F823958FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8C6532-DE29-4071-9156-ABEFACA02BAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA0AFAF1-F061-4C0E-9550-206824C19466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B410B3D-D43A-4A62-9CDB-69C4E16062DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25C6C41-3CD6-4FA8-8223-996B010A40E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BADC5D37-AAB3-4709-A156-D2CDA3AB2D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B96FCB-ABC8-4FBE-B386-4612B3FFF5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4014961-4950-4C2D-9FE8-EBB089F2D080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C939A580-A0CA-4FC9-BCC0-1C7BAB6AB6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D14EE-F1FD-4E1D-BB5E-0E71C3A79186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAF5AC0-C9F3-4096-8071-FDE918291C3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E090BEAD-535D-4CC0-8AEF-C66F6C57657F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727CD66-4D54-4B80-843D-67BF421125A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD5EBFB-B2B6-4E71-A2F7-2ECADFC99DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "931F6A8E-AC22-49A7-ABC8-F9E685C5DB4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD68C4D-47E0-4325-9B7F-A73F455CD7C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C292CB-B53B-4E86-A994-D53154558E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07793F4F-477E-4606-B262-F8216DEEA8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FD7AAA-D27C-4B16-995A-AEC044C9E7C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F175B9E5-999F-4BBC-9B2C-AF71992ABE94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C64A4-5353-43D2-8E60-9222B5C2403D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C262FB71-D4D4-4F1F-9D5A-5F948273EF73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB4F5155-562F-4923-8D21-B99A2E31BA05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "99D71BA3-1491-46F7-B684-30BE37ED79C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "045C0948-0D5C-4A91-B62A-5DA97A7CBCAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F406B34-FFEE-4DF6-8720-C6CD0C786694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2AF031D-8BE0-4D26-98B2-B4484A5F1657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACCD55F-C3DC-4AE4-80F4-C873DCA3F763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6485D96D-95FE-4980-A476-922DBCCB362A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D867F5A-639B-4B4C-87F9-377869D925DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A906623-8A36-4211-98C4-4646A0489936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FFF2C26-2B05-4949-B87A-E1EC1D4A8FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4F3780-BBEB-4355-AFAD-7F69176ECF8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "380F457A-E570-437E-8F23-B354C8BB15A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FCEEC1-7917-4A33-A7DF-6FB35065E8F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "713FF10E-813F-4089-88CF-AB1368CDE376",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB6F305-E6A6-4D74-BEF7-668FE6000529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8484147E-0054-4819-940C-FBDF533D6422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B02585-2315-4143-BE33-47C509CE0D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EBB720-9AC9-42B4-80F7-2FF61020E58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA0D966-9748-4B03-9EA9-63CD3B6990F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7475AFA-46FB-4035-97CB-0F37BCB7DD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A12095D3-CB90-4EEF-B265-AE899BF0BCEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D91F0089-CBE6-4588-9BC0-E7947A050CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7DC56B-C888-4111-A000-27E34166EB95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A730D6E-327B-4E6C-9F38-6AC117EAED8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7521C5A1-0441-4132-92BB-0F4DD93C0BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ADB59B3-5C43-463B-B714-43264052134B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98F8B98-71CB-421E-B2B5-4AF2C9B4BA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3347E60D-297F-425F-9644-9933650081BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5A2D96-4DD9-43C8-BC2B-BF0C65820F3A",
              "versionEndIncluding": "6.2.8a2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "398586ED-E758-4D7A-B4D7-EDE57A044AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wterm:wterm:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "21101465-3B77-441C-BC85-5E63E75A8D4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
    },
    {
      "lang": "es",
      "value": "Rxvt versi\u00f3n 2.6.4 abre una ventana terminal en :0 si no se establece la variable de entorno DISPLAY, lo que podr\u00eda permitir a los usuarios locales secuestrar conexiones X11. NOTA: m\u00e1s tarde se inform\u00f3 que rxvt-unicode, mrxvt, aterm, multi-aterm y wterm tambi\u00e9n se ven afectados. NOTA: escenarios de ataque realistas requieren que la v\u00edctima ingrese un comando en la m\u00e1quina incorrecta"
    }
  ],
  "id": "CVE-2008-1142",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-07T17:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28512"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1142\n\nThis issue does not affect Red Hat Enterprise Linux 3, 4, or 5.\n\nThe Red Hat Security Response Team has rated this issue as having low security impact.  Due to the minimal security consequences of this issue, we do not intend to fix this in Red Hat Enterprise Linux 2.1.  More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
      "lastModified": "2008-04-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2008-1142 (GCVE-0-2008-1142)

Vulnerability from cvelistv5 – Published: 2008-04-07 17:00 – Updated: 2024-08-07 08:08

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://article.gmane.org/gmane.comp.security.oss.…	x_refsource_MISC
	http://secunia.com/advisories/30226	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/28512	vdb-entryx_refsource_BID
	http://secunia.com/advisories/30229	third-party-advisoryx_refsource_SECUNIA
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296	x_refsource_CONFIRM
	http://secunia.com/advisories/31687	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/30225	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/30227	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200805-03.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/30224	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/29576	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2008:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
          },
          {
            "name": "30226",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30226"
          },
          {
            "name": "28512",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28512"
          },
          {
            "name": "30229",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30229"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
          },
          {
            "name": "31687",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31687"
          },
          {
            "name": "30225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30225"
          },
          {
            "name": "30227",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30227"
          },
          {
            "name": "GLSA-200805-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
          },
          {
            "name": "30224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30224"
          },
          {
            "name": "MDVSA-2008:161",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
          },
          {
            "name": "MDVSA-2008:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
          },
          {
            "name": "29576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29576"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-05-13T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SR:2008:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
        },
        {
          "name": "30226",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30226"
        },
        {
          "name": "28512",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28512"
        },
        {
          "name": "30229",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30229"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
        },
        {
          "name": "31687",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31687"
        },
        {
          "name": "30225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30225"
        },
        {
          "name": "30227",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30227"
        },
        {
          "name": "GLSA-200805-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
        },
        {
          "name": "30224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30224"
        },
        {
          "name": "MDVSA-2008:161",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
        },
        {
          "name": "MDVSA-2008:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
        },
        {
          "name": "29576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29576"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2008:017",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
            },
            {
              "name": "http://article.gmane.org/gmane.comp.security.oss.general/122",
              "refsource": "MISC",
              "url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
            },
            {
              "name": "30226",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30226"
            },
            {
              "name": "28512",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28512"
            },
            {
              "name": "30229",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30229"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
            },
            {
              "name": "31687",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31687"
            },
            {
              "name": "30225",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30225"
            },
            {
              "name": "30227",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30227"
            },
            {
              "name": "GLSA-200805-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
            },
            {
              "name": "30224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30224"
            },
            {
              "name": "MDVSA-2008:161",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
            },
            {
              "name": "MDVSA-2008:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
            },
            {
              "name": "29576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29576"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1142",
    "datePublished": "2008-04-07T17:00:00",
    "dateReserved": "2008-03-04T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2008-1142

CVE-2008-1142 (GCVE-0-2008-1142)

Tags

Sightings

Nomenclature