Lucene search

[email protected]CVE-2007-3770

HistoryJul 15, 2007 - 9:30 p.m.

CVE-2007-3770

2007-07-1521:30:00

[email protected]

web.nvd.nist.gov

xfce terminal

remote code execution

cve-2007-3770

nvd

security vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

89.0%

JSON

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the “Open Link” functionality.

Affected configurations

NVD

Node

os-cillationxfce_terminalMatch0.2.6

CPENameOperatorVersion
os-cillation:xfce_terminalos-cillation xfce terminaleq0.2.6

CPE	Name	Operator	Version
os-cillation:xfce_terminal	os-cillation xfce terminal	eq	0.2.6

References

bugs.gentoo.org/show_bug.cgi?id=184886

osvdb.org/38082

secunia.com/advisories/26037

secunia.com/advisories/26392

secunia.com/advisories/26418

secunia.com/advisories/27374

security.gentoo.org/glsa/glsa-200708-07.xml

www.debian.org/security/2007/dsa-1393

www.securityfocus.com/bid/24889

www.ubuntu.com/usn/usn-497-1

exchange.xforce.ibmcloud.com/vulnerabilities/35379

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2007-3770

fedora2 openvas10 nessus4 ubuntu1 debian1 nvd1 cvelist1 securityvulns2 prion1 gentoo1 seebug1 debiancve1 ubuntucve1