CVE-2003-0068

5 documents5 sources
Severity
7.5HIGH
EPSS
0.7%
top 28.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Michael Jennings Eterm
Timeline
PublishedMar 3
Latest updateApr 29

Description

The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianeterm< 0.9.2-6+2
NVDmichael_jennings/eterm0.8.10, 0.9.1+1

🔴Vulnerability Details

3
GHSA
GHSA-hp5x-32p6-6vcx: The Eterm terminal emulator 02022-04-29
CVEList
CVE-2003-0068: The Eterm terminal emulator 02004-09-01
OSV
CVE-2003-0068: The Eterm terminal emulator 02003-03-03

📋Vendor Advisories

1
Debian
CVE-2003-0068: eterm - The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the win...2003
CVE-2003-0068 (HIGH CVSS 7.5) | The Eterm terminal emulator 0.9.1 a | cvebase.io