Lucene search
HistoryJan 02, 2009 - 6:11 p.m.
CVE-2006-7236
cve
xterm
debian
linux
ubuntu
allowwindowops
arbitrary code
escape sequences
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.5%
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.
Affected configurations
Node
invisible-islandxtermMatch_nil_
debiandebian_linux
ORubuntulinux
| CPE | Name | Operator | Version |
|---|---|---|---|
| invisible-island:xterm | invisible-island xterm | eq | nil |
Related
nvd
nvd
CVE-2006-7236
2009-01-02 18:11:09
redhatcve
redhatcve
CVE-2006-7236
2015-10-30 09:40:49
debiancve
debiancve
CVE-2006-7236
2009-01-02 18:11:09
cvelist
cvelist
CVE-2006-7236
2009-01-02 18:00:00
ubuntucve
ubuntucve
CVE-2006-7236
2009-01-02 00:00:00
openvas
openvas
Ubuntu USN-703-1 (xterm)
2009-01-07 00:00:00
Ubuntu: Security Advisory (USN-703-1)
2009-01-07 00:00:00
Ubuntu USN-702-1 (samba)
2009-01-07 00:00:00
ubuntu
ubuntu
xterm vulnerabilities
2009-01-06 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xterm vulnerabilities (USN-703-1)
2009-04-23 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.5%
Related for CVE-2006-7236