cbcvebase.
CVE-2003-0070
published 2003-03-03

CVE-2003-0070: VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a…

PriorityP423medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.08%
79.1th percentile
VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Affected

23 ranges
VendorProductVersion rangeFixed in
debianvte< vte 1:0.11.10-1 (bookworm)vte 1:0.11.10-1 (bookworm)
debianvte< vte 1:0.24.3-1 (bookworm)vte 1:0.24.3-1 (bookworm)
gnomegnome-terminal
gnomegnome-terminal
nalin_dahyabhaivte<= 0.25.1
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte
nalin_dahyabhaivte>= 0 < 1:0.24.3-11:0.24.3-1
nalin_dahyabhaivte>= 0 < 1:0.11.10-11:0.11.10-1
nalin_dahyabhaivte>= 0 < 1:0.24.3-11:0.24.3-1
nalin_dahyabhaivte>= 0 < 1:0.11.10-11:0.11.10-1
nalin_dahyabhaivte>= 0 < 1:0.24.3-11:0.24.3-1
nalin_dahyabhaivte>= 0 < 1:0.11.10-11:0.11.10-1
nalin_dahyabhaivte>= 0 < 1:0.24.3-11:0.24.3-1
nalin_dahyabhaivte>= 0 < 1:0.11.10-11:0.11.10-1

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.