Nixpkgs security tracker
Untriaged
Permalink
CVE-2003-0063
7.3 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
Activity log
- Created suggestion
The xterm terminal emulator in XFree86 4.2.0 and earlier allows …
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
References
Affected products
n/a
- ==n/a
xfree86
- =<4.2.0
Matching in nixpkgs
pkgs.fontxfree86type1
XFree86 Cusrsor Postscript Type 1 Font
-
nixos-unstable xfree86-type1-1.0.5
- nixpkgs-unstable xfree86-type1-1.0.5
- nixos-unstable-small xfree86-type1-1.0.5
pkgs.font-xfree86-type1
XFree86 Cusrsor Postscript Type 1 Font
-
nixos-unstable xfree86-type1-1.0.5
- nixpkgs-unstable xfree86-type1-1.0.5
- nixos-unstable-small xfree86-type1-1.0.5
-
nixos-25.11 xfree86-type1-1.0.5
- nixos-25.11-small xfree86-type1-1.0.5
- nixpkgs-25.11-darwin xfree86-type1-1.0.5
pkgs.xorg.fontxfree86type1
None
-
nixos-25.11 xfree86-type1-1.0.5
- nixos-25.11-small xfree86-type1-1.0.5
- nixpkgs-25.11-darwin xfree86-type1-1.0.5