CVE-2006-7236

Publication date 2 January 2009

Last updated 24 July 2024


Ubuntu priority

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
xterm 8.10 intrepid
Fixed 235-1ubuntu1.1
8.04 LTS hardy
Fixed 229-1ubuntu1.1
7.10 gutsy
Fixed 229-1ubuntu0.1
6.06 LTS dapper
Fixed 208-3.1ubuntu3.1

References

Related Ubuntu Security Notices (USN)

    • USN-703-1
    • xterm vulnerabilities
    • 6 January 2009

Other references