Launchpad.net

CVE 2007-3770

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.

Related bugs and status

CVE-2007-3770 (Candidate) is related to these bugs:

Bug #132046: SECURITY: URL handling allows remote shell command execution

		In	Importance	Status
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Ubuntu)	Medium	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Gentoo Linux)	Medium	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Debian)	Unknown	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal	Unknown	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Ubuntu Dapper)	Medium	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Ubuntu Edgy)	Medium	Fix Released
132046	SECURITY: URL handling allows remote shell command execution	xfce4-terminal (Ubuntu Feisty)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.gentoo.org...
SECUNIA: 26037
GENTOO: GLSA-200708-07
BID: 24889
SECUNIA: 26418
UBUNTU: USN-497-1
SECUNIA: 26392
DEBIAN: DSA-1393
SECUNIA: 27374
OSVDB: 38082
XF: xfce-terminalhelper-co...