CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-3770

HIGH
7.8
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile6.42th
Published2007年7月15日
Last Modified2026年4月23日

Vulnerability Description

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.

Affected Platforms (CPE)

📦
Os Cillation

Xfce Terminal

= 0.2.6

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=184886
🔗 http://osvdb.org/38082
🔗 http://secunia.com/advisories/26037
🔗 http://secunia.com/advisories/26392
🔗 http://secunia.com/advisories/26418
🔗 http://secunia.com/advisories/27374
🔗 http://security.gentoo.org/glsa/glsa-200708-07.xml
🔗 http://www.debian.org/security/2007/dsa-1393

相關漏洞威脅

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.