CVE-2003-0063

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/03/2003
Last modified:
03/04/2025

Description

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*