Users of VTE please be advised of an arbitrary command execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
USN-962-1: VTE vulnerability
Janne Snabb discovered that applications using VTE, such as gnome-terminal,
did not correctly filter window and icon title request escape codes. If a
user were tricked into viewing specially crafted output in their terminal,
a remote attacker could execute arbitrary commands with user privileges.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/cDLGYI
No comments:
Post a Comment