CVE-2008-2383

Published: 2 January 2009

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383
• https://ubuntu.com/security/notices/USN-703-1
• NVD
• Launchpad
• Debian