Total vulnerabilities in the database
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
| Software | From | Fixed in |
|---|---|---|
| rxvt / rxvt | 2.7.5 | 2.7.5.x |
| rxvt / rxvt | 2.6.4 | 2.6.4.x |
| rxvt / rxvt | 2.7.8 | 2.7.8.x |
| rxvt / rxvt | 2.6.1 | 2.6.1.x |
| rxvt / rxvt | 2.7.6 | 2.7.6.x |
| rxvt / rxvt | 2.7.7 | 2.7.7.x |
| rxvt / rxvt | 2.6.2 | 2.6.2.x |
| rxvt / rxvt | 2.6.3 | 2.6.3.x |