Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mandriva Update for vte MDVSA-2010:161 (vte)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of vte
Insight
Insight
A vulnerability has been found and corrected in vte: The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression (CVE-2010-2713). The updated packages have been patched to correct this issue.
Affected Software
Affected Software
vte on Mandriva Linux 2009.1, Mandriva Linux 2009.1/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64
Solution
Solution
Please Install the Updated Packages.