CVE Vulnerabilities

CVE-2003-0022

Published: Mar 03, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The screen dump feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a users terminal, e.g. when the user views a file containing the malicious sequence.

Affected Software

Name Vendor Start Version End Version
Rxvt Rxvt 2.6.1 (including) 2.6.1 (including)
Rxvt Rxvt 2.6.2 (including) 2.6.2 (including)
Rxvt Rxvt 2.6.3 (including) 2.6.3 (including)
Rxvt Rxvt 2.6.4 (including) 2.6.4 (including)
Rxvt Rxvt 2.7.5 (including) 2.7.5 (including)
Rxvt Rxvt 2.7.6 (including) 2.7.6 (including)
Rxvt Rxvt 2.7.7 (including) 2.7.7 (including)
Rxvt Rxvt 2.7.8 (including) 2.7.8 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux 6.2 RedHat *
Red Hat Linux 7.0 RedHat *
Red Hat Linux 7.1 RedHat *
Red Hat Linux 7.2 RedHat *
Red Hat Linux 7.3 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References