oss-sec mailing list archives
Re: CVE request: rxvt-unicode user-assisted arbitrary commands execution
From: cve-assign () mitre org
Date: Wed, 30 Apr 2014 23:41:23 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
rxvt-unicode-9.20 (aka urxvt) includes a security update to address a user-assisted arbitrary commands execution issue. This can be exploited by the unprocessed display of certain escape sequences in a crafted text file or program output. arbitrary command sequences can be constructed using this, and unintentionally executed if used in conjunction with various other escape sequences.
http://dist.schmorp.de/rxvt-unicode/Changes
Use CVE-2014-3121. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTYcHgAAoJEKllVAevmvmsKpoIAKMpm+B8q61J3eNZNVrdQ6Hy IZlBiJAu0qWTb9xDZFz1BLtz7WrljVem+/aBM+L2e14sXncNLFlYk+Zg0azyhnXW rEV+2cArAu+GLMB4C0Q4g0GdhNcDe41Q3smcCUbpRQQFpkU6e/R2NxH2nQjNAX9E acRDB7DiNgXJ6iZ02F+N++6+AQhc3VuV09jSeizimcbjNuzQVopCxdq3hOEkDO2W 9eyy8Krx2nUHABdRRRUkl8NmWXsP8fbjD+ZuASYIfPRNM/HZLmEvQeZIA4BO5Dvl Z4ybucja+bKcjb8D3jHijTrubG3Yyskwkc8J5WwYuIebAWNAag1EB676SHW95zA= =1utq -----END PGP SIGNATURE-----
Current thread:
- CVE request: rxvt-unicode user-assisted arbitrary commands execution Conor McCarthy (Apr 30)
- Re: CVE request: rxvt-unicode user-assisted arbitrary commands execution cve-assign (Apr 30)