CVE-2003-0071Project X11r6 vulnerability

7 documents5 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 76.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Xfree86 Project X11r6
Timeline
PublishedMar 3
Latest updateApr 29

Description

The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDxfree86_project/x11r66 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-xv76-8jhj-2c53: The DEC UDK processing feature in the xterm terminal emulator in XFree86 42022-04-29
CVEList
CVE-2003-0071: The DEC UDK processing feature in the xterm terminal emulator in XFree86 42004-09-01

📋Vendor Advisories

2
Red Hat
xterm: arbitrary command injection2008-12-29
Red Hat
security flaw2003-02-24

💬Community

2
Bugzilla
CVE-2003-0071 security flaw2018-08-16
Bugzilla
CVE-2008-2383 xterm: arbitrary command injection2009-01-05
CVE-2003-0071 — Xfree86 Project X11r6 vulnerability | cvebase