This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Nalin Dahyabhai | First view | 2010-08-05 |
| Product | Vte | Last view | 2012-07-22 |
| Version | 0.15.4 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:nalin_dahyabhai:vte | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4 | 2012-07-22 | CVE-2012-2738 | The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value. |
| 6.8 | 2010-08-05 | CVE-2010-2713 | The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 60458 | VTE / gnome-terminal Window Title Escape Sequence Arbitrary Command Execution |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-08-30 | Name : Fedora Update for vte FEDORA-2012-9575 File : nvt/gb_fedora_2012_9575_vte_fc17.nasl |
| 2012-07-06 | Name : Fedora Update for vte FEDORA-2012-9546 File : nvt/gb_fedora_2012_9546_vte_fc16.nasl |
| 2010-08-30 | Name : Mandriva Update for vte MDVSA-2010:161 (vte) File : nvt/gb_mandriva_MDVSA_2010_161.nasl |
| 2010-07-22 | Name : FreeBSD Ports: vte File : nvt/freebsd_vte.nasl |
| 2010-07-16 | Name : Ubuntu Update for vte vulnerability USN-962-1 File : nvt/gb_ubuntu_USN_962_1.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-12-15 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201412-10.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-471.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-472.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_vte-100716.nasl - Type: ACT_GATHER_INFO |
| 2013-04-20 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2013-135.nasl - Type: ACT_GATHER_INFO |
| 2012-07-05 | Name: The remote Fedora host is missing a security update. File: fedora_2012-9546.nasl - Type: ACT_GATHER_INFO |
| 2012-07-05 | Name: The remote Fedora host is missing a security update. File: fedora_2012-9575.nasl - Type: ACT_GATHER_INFO |
| 2011-01-21 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_vte-100715.nasl - Type: ACT_GATHER_INFO |
| 2010-08-25 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2010-161.nasl - Type: ACT_GATHER_INFO |
| 2010-07-21 | Name: The remote openSUSE host is missing a security update. File: suse_11_2_vte-100716.nasl - Type: ACT_GATHER_INFO |
| 2010-07-19 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_9a8fecef92c011dfb1400015f2db7bde.nasl - Type: ACT_GATHER_INFO |
| 2010-07-16 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-962-1.nasl - Type: ACT_GATHER_INFO |
