
Bug 334475 (CVE-2010-2713)

Summary: <x11-libs/vte-0.26.2: Arbitrary Code Execution Vulnerability (CVE-2010-2713)
Product: Gentoo Security
Reporter: Tim Sammut (RETIRED) <underling>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
CC: gnome
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description Tim Sammut (RETIRED) gentoo-dev 2010-08-25 17:00:54 UTC
From the NVD, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713:

The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression.
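
An added example, not part of the bug report or of VTE's code: a filter that flags and strips the window title and icon title sequences named in the description from untrusted text (logs, file contents) before it is shown in a terminal. The OSC 0/1/2 and CSI 20/21 `t` encodings follow xterm's control-sequence conventions and are an assumption here, since the page does not list them; the function names and sample text are constructed.

```python
import re

# CSI (7-bit "ESC [" or 8-bit 0x9b), numeric parameters, final byte "t":
# the window manipulation family (xterm convention, assumed, not from the page).
WINDOW_OP = re.compile(r"(?:\x1b\[|\x9b)([0-9;]*)t")
# OSC 0/1/2 set the icon title and/or window title; ended by BEL or ST.
SET_TITLE = re.compile(r"(?:\x1b\]|\x9d)([012]);(.*?)(?:\x07|\x1b\\|\x9c)", re.S)
# Window-op parameters that ask the terminal to send a title back as input.
REPORT_OPS = {20: "report icon title", 21: "report window title"}


def _first_param(match):
    """Numeric value of the first CSI parameter, so "021" is treated as 21."""
    first = match.group(1).split(";")[0]
    return int(first) if first.isdigit() else None


def find_title_sequences(text):
    """Return sorted (offset, kind, detail) tuples for title set/report sequences."""
    hits = [(m.start(), "set title", m.group(2)) for m in SET_TITLE.finditer(text)]
    for m in WINDOW_OP.finditer(text):
        op = _first_param(m)
        if op in REPORT_OPS:
            hits.append((m.start(), REPORT_OPS[op], ""))
    return sorted(hits)


def strip_title_sequences(text):
    """Drop title-setting and title-reporting sequences; keep all other text."""
    text = SET_TITLE.sub("", text)
    return WINDOW_OP.sub(
        lambda m: "" if _first_param(m) in REPORT_OPS else m.group(0), text)


# Constructed sample input: a colour sequence and a resize request that must
# survive, plus one title-setting and one title-reporting sequence.
SAMPLE = (
    "line one \x1b[31mred\x1b[0m\n"
    "line two \x1b]2;EXAMPLE-TITLE\x07\n"
    "line three \x1b[21t and \x1b[8;24;80t\n"
)

if __name__ == "__main__":
    for offset, kind, detail in find_title_sequences(SAMPLE):
        print(f"offset {offset}: {kind} {detail!r}")
    print(repr(strip_title_sequences(SAMPLE)))
```
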
Comment 2 Gilles Dartiguelongue (RETIRED) gentoo-dev 2011-05-02 09:50:27 UTC
The commit in URL was released in revisions >=0.25.90 and all revisions that would have been affected have left the tree on March 27th thanks to nirbheek.
Comment 3 Tim Sammut (RETIRED) gentoo-dev 2011-05-02 14:35:04 UTC
(In reply to comment #2)
> The commit in URL was released in revisions >=0.25.90 and all revisions that
> would have been affected have left the tree on March 27th thanks to nirbheek.

Great, thanks. Since 0.26.2 is already stable... GLSA request filed.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2014-12-12 00:40:05 UTC
This issue was resolved and addressed in
 GLSA 201412-10 at http://security.gentoo.org/glsa/glsa-201412-10.xml
by GLSA coordinator Sean Amoss (ackle).