New Search

RHSA-2009:0018 -- xterm security update (Important)

oval:org.mitre.oval:def:29143

An updated xterm package to correct a security issue is now available for Red Hat Enterprise Linux 3 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The xterm program is a terminal emulator for the X Window System. A flaw was found in the xterm handling of Device Control Request Status String (DECRQSS) escape sequences. An attacker could create a malicious text file (or log entry if unfiltered) that could run arbitrary commands if read by a victim inside an xterm window. (CVE-2008-2383)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • CentOS Linux 5
  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 5
Class:
patch
Reference(s):
  • RHSA-2009:0018
  • CESA-2009:0018-CentOS 3
  • CESA-2009:0018-CentOS 5
  • CVE-2008-2383
Product(s):
  • xterm