[v2.7] rxvt-unicode: remote arbitrary code execution (CVE-2014-3121)
rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.
•MLIST:[oss-security] 20140430 CVE request: rxvt-unicode user-assisted
arbitrary commands execution
(from redmine: issue id 2922, created on 2014-05-21, closed on 2014-05-23)
- parent #2920 (closed)
- Revision a260163e by Natanael Copa on 2014-05-22T13:19:21Z:
main/rxvt-unicode: security upgrade to 9.20 (CVE-2014-3121) fixes #2922