CVE-2003-0070: Command Injection in Gnome-terminal

CWE-77 Command Injection | 13 documents | 7 sources
Severity: 6.8 MEDIUM (NVD)
EPSS: 0.6% (top 29.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 3 | Latest update May 17

Description

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages (4 packages)

NVD | gnome/gnome-terminal | 2.0, 2.2 +1
debian | debian/vte | < vte 1:0.11.10-1 (bookworm) +1
Debian | nalin_dahyabhai/vte | < 1:0.24.3-1 +7
NVD | nalin_dahyabhai/vte | 0.25.1 +10

🔴 Vulnerability Details (4)

GHSA | GHSA-h3vh-54q4-255x: The vte_sequence_handler_window_manipulation function in vteseq | 2022-05-17
GHSA | GHSA-mv26-jcw9-w5v8: VTE, as used by default in gnome-terminal terminal emulator 2 | 2022-04-29
OSV | CVE-2010-2713: The vte_sequence_handler_window_manipulation function in vteseq | 2010-08-05
OSV | CVE-2003-0070: VTE, as used by default in gnome-terminal terminal emulator 2 | 2003-03-03

💥 Exploits & PoCs (1)

Exploit-DB | Apache 0.8.x/1.0.x / NCSA HTTPd 1.x - 'test-cgi' Directory Listing | 1996-04-01

📋 Vendor Advisories (4)

Red Hat | vte: responds to get window title escape sequence request | 2010-07-15
Debian | CVE-2010-2713: vte - The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka... | 2010
Red Hat | security flaw | 2003-02-24
Debian | CVE-2003-0070: vte - VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option... | 2003

💬 Community (2)

Bugzilla | CVE-2003-0070 security flaw | 2018-08-16
Bugzilla | CVE-2010-2713 vte: responds to get window title escape sequence request | 2010-07-09