CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-3770

HIGH
7.8
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile6.42th
Published2007年7月15日
Last Modified2026年4月23日

Vulnerability Description

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.

Affected Platforms (CPE)

📦
Os Cillation

Xfce Terminal

= 0.2.6

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=184886
🔗 http://osvdb.org/38082
🔗 http://secunia.com/advisories/26037
🔗 http://secunia.com/advisories/26392
🔗 http://secunia.com/advisories/26418
🔗 http://secunia.com/advisories/27374
🔗 http://security.gentoo.org/glsa/glsa-200708-07.xml
🔗 http://www.debian.org/security/2007/dsa-1393

関連する脆弱性情報

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...