MGASA-2014-0202

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0202.html

Import Source

https://advisories.mageia.org/MGASA-2014-0202.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0202

Related

CVE-2014-3121

Published

2014-05-02T18:05:53Z

Modified

2014-05-02T18:05:49Z

Summary

Updated rxvt-unicode packages fix CVE-2014-3121

Details

Updated rxvt-unicode package fixes security vulnerability:

rxvt-unicode (aka urxvt) before 9.20 is vulnerable to a user-assisted arbitrary commands execution issue. This can be exploited by the unprocessed display of certain escape sequences in a crafted text file or program output. Arbitrary command sequences can be constructed using this, and unintentionally executed if used in conjunction with various other escape sequences (CVE-2014-3121).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / rxvt-unicode

Package

Name: rxvt-unicode
Purl: pkg:rpm/mageia/rxvt-unicode?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.20-1.mga3

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / rxvt-unicode

Package

Name: rxvt-unicode
Purl: pkg:rpm/mageia/rxvt-unicode?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.20-1.mga4

Ecosystem specific

{
    "section": "core"
}