← Back

CVE-2003-0070

nvd nist
Published: Mar 3, 2003Modified: Apr 16, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Affected (12)

Nalin Dahyabhai
1 product
Vte
Gnome
1 product
Gnome Terminal
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Nalin Dahyabhai
Vte
Version 0.11.21
Vte
Version 0.12.2
Vte
Version 0.14.2
Vte
Version 0.15.0
Vte
Version 0.16.14
Vte
Version 0.17.4
Vte
Version 0.20.5
Vte
Version 0.22.5
Vte
Version 0.24.3
Vte
Version 0.25.1
Gnome
Gnome Terminal
Version 2.0
Gnome Terminal
Version 2.2

References (10)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.