cbcvebase.
CVE-2011-2198
published 2014-05-21

CVE-2011-2198: The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU…

PriorityP412low3.5CVSS 2.0
AVNACMAuSCNINAP
EPSS
2.16%
79.9th percentile
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@".

Affected

9 ranges
VendorProductVersion rangeFixed in
debianvte< vte 1:0.28.1-1 (bookworm)vte 1:0.28.1-1 (bookworm)
gnomegnome-terminal<= 0.28.0
nalin_dahyabhaivte>= 0 < 1:0.28.1-11:0.28.1-1
nalin_dahyabhaivte>= 0 < 1:0.28.1-11:0.28.1-1
nalin_dahyabhaivte>= 0 < 1:0.28.1-11:0.28.1-1
nalin_dahyabhaivte>= 0 < 1:0.28.1-11:0.28.1-1
opensuseopensuse
opensuseopensuse
oraclesolaris

CVSS provenance

nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:N/A:P
osv3.5LOW
vendor_debian3.5LOW
vendor_redhat3.5LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.