CVE-2010-2713 — Command Injection in VTE

CWE-77 — Command Injection8 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

0.9%

top 24.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nalin Dahyabhai VTE Debian VTE

Timeline

PublishedAug 5

Latest updateMay 17

Description

The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/vte< vte 1:0.24.3-1 (bookworm)

▶Debiannalin_dahyabhai/vte< 1:0.24.3-1+3

▶NVDnalin_dahyabhai/vte0.25.1+9

Patches

Patch: git.gnome.org ↗Patch: git.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-h3vh-54q4-255x: The vte_sequence_handler_window_manipulation function in vteseq↗2022-05-17

▶

OSV

CVE-2010-2713: The vte_sequence_handler_window_manipulation function in vteseq↗2010-08-05

▶

📋Vendor Advisories

Ubuntu

VTE vulnerability↗2010-07-15

▶

Red Hat

vte: responds to get window title escape sequence request↗2010-07-15

▶

Debian

CVE-2010-2713: vte - The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka...↗2010

▶

💬Community

Bugzilla

CVE-2010-2713 vte: responds to get window title escape sequence request [fedora-all]↗2010-07-15

▶

Bugzilla

CVE-2010-2713 vte: responds to get window title escape sequence request↗2010-07-09

▶