Lucene search

[email protected]CVE-2003-0064

HistorySep 01, 2004 - 4:00 a.m.

CVE-2003-0064

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

dtterm

terminal emulator

window title

command execution

cve-2003-0064

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user’s terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Affected configurations

NVD

Node

sgiirixMatch5.0

sgiirixMatch5.0.1

sgiirixMatch5.1

sgiirixMatch5.1.1

sgiirixMatch5.2

sgiirixMatch5.3

sgiirixMatch6.0

sgiirixMatch6.0.1

sgiirixMatch6.1

sgiirixMatch6.2

sgiirixMatch6.3

sgiirixMatch6.4

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2

sgiirixMatch6.5.2f

sgiirixMatch6.5.2m

sgiirixMatch6.5.3

sgiirixMatch6.5.3f

sgiirixMatch6.5.3m

sgiirixMatch6.5.4

sgiirixMatch6.5.4f

sgiirixMatch6.5.4m

sgiirixMatch6.5.5

sgiirixMatch6.5.5f

sgiirixMatch6.5.5m

sgiirixMatch6.5.6

sgiirixMatch6.5.6f

sgiirixMatch6.5.6m

sgiirixMatch6.5.7

sgiirixMatch6.5.7f

sgiirixMatch6.5.7m

sgiirixMatch6.5.8

sgiirixMatch6.5.8f

sgiirixMatch6.5.8m

sgiirixMatch6.5.9

sgiirixMatch6.5.9f

sgiirixMatch6.5.9m

sgiirixMatch6.5.10

sgiirixMatch6.5.10f

sgiirixMatch6.5.10m

sgiirixMatch6.5.11

sgiirixMatch6.5.11f

sgiirixMatch6.5.11m

sgiirixMatch6.5.12

sgiirixMatch6.5.12f

sgiirixMatch6.5.12m

sgiirixMatch6.5.13

sgiirixMatch6.5.13f

sgiirixMatch6.5.13m

sgiirixMatch6.5.14

sgiirixMatch6.5.14f

sgiirixMatch6.5.14m

sgiirixMatch6.5.15

sgiirixMatch6.5.15f

sgiirixMatch6.5.15m

sgiirixMatch6.5.16

sgiirixMatch6.5.16f

sgiirixMatch6.5.16m

sgiirixMatch6.5.17

sgiirixMatch6.5.17f

sgiirixMatch6.5.17m

sgiirixMatch6.5.18

sgiirixMatch6.5.18f

sgiirixMatch6.5.18m

Node

hphp-uxMatch10.20

hphp-uxMatch10.24

hphp-uxMatch10.26

hphp-uxMatch10.30

hphp-uxMatch10.34

hphp-uxMatch11.00

hphp-uxMatch11.04

hphp-uxMatch11.11

hphp-uxMatch11.20

hphp-uxMatch11.22

ibmaixMatch4.3

ibmaixMatch4.3.1

ibmaixMatch4.3.2

ibmaixMatch4.3.3

ibmaixMatch5.1

ibmaixMatch5.2

sunsolarisMatch2.5.1x86

sunsolarisMatch2.6

sunsolarisMatch7.0x86

sunsolarisMatch8.0x86

sunsolarisMatch9.0sparc

sunsolarisMatch9.0x86

sunsunosMatch-

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

CPENameOperatorVersion
sgi:irixsgi irixeq5.0
sgi:irixsgi irixeq5.0.1
sgi:irixsgi irixeq5.1
sgi:irixsgi irixeq5.1.1
sgi:irixsgi irixeq5.2
sgi:irixsgi irixeq5.3
sgi:irixsgi irixeq6.0
sgi:irixsgi irixeq6.0.1
sgi:irixsgi irixeq6.1
sgi:irixsgi irixeq6.2

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	5.0
sgi:irix	sgi irix	eq	5.0.1
sgi:irix	sgi irix	eq	5.1
sgi:irix	sgi irix	eq	5.1.1
sgi:irix	sgi irix	eq	5.2
sgi:irix	sgi irix	eq	5.3
sgi:irix	sgi irix	eq	6.0
sgi:irix	sgi irix	eq	6.0.1
sgi:irix	sgi irix	eq	6.1
sgi:irix	sgi irix	eq	6.2

Rows per page:

1-10 of 651

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html

marc.info/?l=bugtraq&m=104612710031920&w=2

www.iss.net/security_center/static/11414.php

www.securityfocus.com/advisories/6236

www.securityfocus.com/bid/6942

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON

Related for CVE-2003-0064

cvelist1 openvas2 nvd1 securityvulns1