CVE-2003-0064

Severity

75%

Complexity

99%

Confidentiality

106%

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 21 years ago

2003-03-03 05:00:00

Last updated 6 years ago

2018-10-30 16:26:00

Affected Software

SGI IRIX 5.0.1

5.0.1

SGI IRIX 5.1

5.1

SGI IRIX 5.1.1

5.1.1

SGI IRIX 5.2

5.2

SGI IRIX 5.3

5.3

SGI IRIX 6.0

6.0

SGI IRIX 6.0.1

6.0.1

SGI IRIX 6.1

6.1

SGI IRIX 6.2

6.2

SGI IRIX 6.3

6.3

SGI IRIX 6.4

6.4

SGI IRIX 6.5

6.5

SGI IRIX 6.5.1

6.5.1

SGI IRIX 6.5.2

6.5.2

SGI IRIX 6.5.2f

6.5.2f

SGI IRIX 6.5.2m

6.5.2m

SGI IRIX 6.5.3

6.5.3

SGI IRIX 6.5.3f

6.5.3f

SGI IRIX 6.5.3m

6.5.3m

SGI IRIX 6.5.4

6.5.4

SGI IRIX 6.5.4f

6.5.4f

SGI IRIX 6.5.4m

6.5.4m

SGI IRIX 6.5.5

6.5.5

SGI IRIX 6.5.5f

6.5.5f

SGI IRIX 6.5.5m

6.5.5m

SGI IRIX 6.5.6

6.5.6

SGI IRIX 6.5.6f

6.5.6f

SGI IRIX 6.5.6m

6.5.6m

SGI IRIX 6.5.7

6.5.7

SGI IRIX 6.5.7f

6.5.7f

SGI IRIX 6.5.7m

6.5.7m

SGI IRIX 6.5.8

6.5.8

SGI IRIX 6.5.8f

6.5.8f

SGI IRIX 6.5.8m

6.5.8m

SGI IRIX 6.5.9

6.5.9

SGI IRIX 6.5.9f

6.5.9f

SGI IRIX 6.5.9m

6.5.9m

SGI IRIX 6.5.10

6.5.10

SGI IRIX 6.5.10f

6.5.10f

SGI IRIX 6.5.10m

6.5.10m

SGI IRIX 6.5.11

6.5.11

SGI IRIX 6.5.11f

6.5.11f

SGI IRIX 6.5.11m

6.5.11m

SGI IRIX 6.5.12

6.5.12

SGI IRIX 6.5.12f

6.5.12f

SGI IRIX 6.5.12m

6.5.12m

SGI IRIX 6.5.13

6.5.13

SGI IRIX 6.5.13f

6.5.13f

SGI IRIX 6.5.13m

6.5.13m

SGI IRIX 6.5.14

6.5.14

SGI IRIX 6.5.14f

6.5.14f

SGI IRIX 6.5.14m

6.5.14m

SGI IRIX 6.5.15

6.5.15

SGI IRIX 6.5.15f

6.5.15f

SGI IRIX 6.5.15m

6.5.15m

SGI IRIX 6.5.16

6.5.16

SGI IRIX 6.5.16f

6.5.16f

SGI IRIX 6.5.16m

6.5.16m

SGI IRIX 6.5.17

6.5.17

SGI IRIX 6.5.17f

6.5.17f

SGI IRIX 6.5.17m

6.5.17m

SGI IRIX 6.5.18

6.5.18

SGI IRIX 6.5.18f

6.5.18f

SGI IRIX 6.5.18m

6.5.18m

HP HP-UX 10.20

10.20

HP HP-UX 10.24

10.24

HP HP-UX 10.26

10.26

HP HP-UX 10.30

10.30

HP HP-UX 10.34

10.34

HP-UX 11.00

11.00

HP HP-UX 11.04

11.04

HP-UX 11.11

11.11

HP-UX 11i v1.5

11.20

HP-UX 11i v1.6

11.22

IBM AIX 4.3

4.3

IBM AIX 4.3.1

4.3.1

IBM AIX 4.3.2

4.3.2

IBM AIX 4.3.3

4.3.3

IBM AIX 5.1

5.1

IBM AIX 5.2

5.2

Sun Solaris 2.6

2.6

Sun SunOS (formerly Solaris)

Sun Microsystems Solaris 2.5.1

5.5.1

Sun Microsystems Solaris 7

5.7

Sun SunOS (Solaris 8) 5.8

5.8

References

20030224 Terminal Emulator Security Issues

Vendor Advisory

20030224 Terminal Emulator Security Issues

terminal-emulator-window-title(11414)

Vendor Advisory

HPSBUX0401-309

6942

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.