CVE-2003-0068
eterm - missing input sanitising
EPSS 0.67%
Description
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
How to fix CVE-2003-0068
To remediate CVE-2003-0068, upgrade the affected package to a fixed version below.
- Debian/eterm—upgrade to 0.9.2-6 or later
- Debian/eterm—upgrade to 0.9.2-0pre2002042903.3 or later
Is CVE-2003-0068 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.9.2-6
- from 0, < 0.9.2-0pre2002042903.3