CyberSec.Space Logo
Back to CVE Browser

CVE-2007-3770

HIGH
7.8
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile6.42th
PublishedJul 15, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.

Affected Platforms (CPE)

πŸ“¦
Os Cillation

Xfce Terminal

= 0.2.6

References & Advisories

πŸ”— http://bugs.gentoo.org/show_bug.cgi?id=184886
πŸ”— http://osvdb.org/38082
πŸ”— http://secunia.com/advisories/26037
πŸ”— http://secunia.com/advisories/26392
πŸ”— http://secunia.com/advisories/26418
πŸ”— http://secunia.com/advisories/27374
πŸ”— http://security.gentoo.org/glsa/glsa-200708-07.xml
πŸ”— http://www.debian.org/security/2007/dsa-1393

Related Vulnerabilities

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...