VDB
CVE-2008-1142
CVE-2008-1142
PUBLISHED
CVSS 3.700000047683716 LOW
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
EPSS 0.07% · 20.6th percentile
Risk Scores
CVSS 2.0
3.700000047683716
EPSS Score
0.07%
20.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mrxvt | mrxvt | 0, 0.4.2 |
| wterm | wterm | 6.2.6, 6.2.5, 0 |
| aterm | aterm | 0.3.2, 0.3.5, 0.3.6 |
| n/a | n/a | * |
| eterm | eterm | 0, 0.9.2 |
| multi-aterm | multi-aterm | 0, 0.0.1, 0.1 |
| rxvt-unicode | rxvt-unicode | 4.9, 8.5, 8.5a |
| rxvt | rxvt | 2.6.3, 2.6.4, 2.7.5 |
Exploit Intelligence
- SUSE-SR:2008:017 (circl)
- http://article.gmane.org/gmane.comp.security.oss.general/122 (circl)
- 30226 (circl)
- 28512 (circl)
- 30229 (circl)
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296 (circl)
- 31687 (circl)
- 30225 (circl)
- 30227 (circl)
- GLSA-200805-03 (circl)
…and 4 more exploits
Timeline
- Apr 7, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- SUSE-SR:2008:017 vendor-advisory
- http://article.gmane.org/gmane.comp.security.oss.general/122 url
- 30226 third-party-advisory
- 28512 vdb
- 30229 third-party-advisory
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296 url
- 31687 third-party-advisory
- 30225 third-party-advisory
- 30227 third-party-advisory
- GLSA-200805-03 vendor-advisory
- 30224 third-party-advisory
- MDVSA-2008:161 vendor-advisory
- MDVSA-2008:221 vendor-advisory
- 29576 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-1142 advisory