CVE-2014-3121

EPSS 3.3%

rxvt-unicode - security update

Published: 5/14/2014Modified: 4/28/2026

Description

rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.

Affected packages (2)

Debian/rxvt-unicodefrom 0, < 9.20-1
Debian/rxvt-unicodefrom 0, < 9.07-2+deb6u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-3121