CVE-2008-2383
Publication date 2 January 2009
Last updated 24 July 2024
Ubuntu priority
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.
Status
Package | Ubuntu Release | Status |
---|---|---|
xterm | 8.10 intrepid |
Fixed 235-1ubuntu1.1
|
8.04 LTS hardy |
Fixed 229-1ubuntu1.1
|
|
7.10 gutsy |
Fixed 229-1ubuntu0.1
|
|
6.06 LTS dapper |
Fixed 208-3.1ubuntu3.1
|