Описание
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1:2.6.4-14 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | not-affected | 1:2.6.4-14 |
| jaunty | not-affected | 1:2.6.4-14 |
| karmic | not-affected | 1:2.6.4-14 |
| lucid | not-affected | 1:2.6.4-14 |
Показывать по
Ссылки на источники
EPSS
3.7 Low
CVSS2
Связанные уязвимости
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment va ...
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
EPSS
3.7 Low
CVSS2