Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2008-2383

Publication date 2 January 2009

Last updated 24 July 2024


Ubuntu priority

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.

Status

Package Ubuntu Release Status
xterm 8.10 intrepid
Fixed 235-1ubuntu1.1
8.04 LTS hardy
Fixed 229-1ubuntu1.1
7.10 gutsy
Fixed 229-1ubuntu0.1
6.06 LTS dapper
Fixed 208-3.1ubuntu3.1

References

Related Ubuntu Security Notices (USN)

    • USN-703-1
    • xterm vulnerabilities
    • 6 January 2009

Other references