{"vuid":"VU#230561","idnumber":"230561","name":"gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences","keywords":["gnome-terminal","arbitrary command execution","crafted escape sequences","window title"],"overview":"gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences.","clean_desc":"gnome-terminal supports an escape sequence that lets users \"export\" the title of the current window directly to the shell command line. By viewing a maliciously crafted file in gnome-terminal, a victim may unknowingly execute shell commands provided by the attacker. This vulnerability was discovered by H D Moore of Digital Defense. H D has provided a paper on this topic (TERMINAL EMULATOR SECURITY ISSUES), and Red Hat has published RHSA-2003:053-10. Both of these documents provide more information about this vulnerability.","impact":"A remote attacker may be able to execute arbitrary commands on a vulnerable host.","resolution":"Apply a patch.","workarounds":"","sysaffected":"","thanks":"This vulnerability was discovered by H D Moore of Digital Defense. The CERT/CC thanks both H D Moore and Red Hat for providing information upon which this document is based.","author":"This document was written by Ian A Finlay.","public":["http://www.digitaldefense.net/labs/papers/Termulation.txt","https://rhn.redhat.com/errata/RHSA-2003-053.html"],"cveids":["CVE-2003-0070"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-02-25T18:05:25Z","publicdate":"2003-02-24T00:00:00Z","datefirstpublished":"2003-02-27T17:56:36Z","dateupdated":"2003-02-27T17:57:07Z","revision":6,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"15","cam_easeofexploitation":"8","cam_attackeraccessrequired":"12","cam_scorecurrent":"4.86","cam_scorecurrentwidelyknown":"6.21","cam_scorecurrentwidelyknownexploited":"11.61","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.86,"vulnote":null}