Lucene search

PRIOn knowledge basePRION:CVE-2007-3770

HistoryJul 15, 2007 - 9:30 p.m.

Open redirect

2007-07-1521:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

89.0%

JSON

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the “Open Link” functionality.

CPENameOperatorVersion
xfce_terminaleq0.2.6

CPE	Name	Operator	Version
	xfce_terminal	eq	0.2.6

References

bugs.gentoo.org/show_bug.cgi?id=184886

osvdb.org/38082

secunia.com/advisories/26037

secunia.com/advisories/26392

secunia.com/advisories/26418

secunia.com/advisories/27374

security.gentoo.org/glsa/glsa-200708-07.xml

www.debian.org/security/2007/dsa-1393

www.securityfocus.com/bid/24889

www.ubuntu.com/usn/usn-497-1

exchange.xforce.ibmcloud.com/vulnerabilities/35379