CVE-2008-2383

Impact:
Important
Public Date:
2008-12-29
Bugzilla:
478888: CVE-2008-2383 xterm: arbitrary command injection

The MITRE CVE dictionary describes this issue as:

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.

Find out more about CVE-2008-2383 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (xterm) RHSA-2009:0018 2009-01-07
Red Hat Enterprise Linux 2.1 (hanterm-xf) RHSA-2009:0019 2009-01-07
Red Hat Enterprise Linux 4 (xterm) RHSA-2009:0018 2009-01-07
Red Hat Enterprise Linux 3 (xterm) RHSA-2009:0018 2009-01-07

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.