Arbitrary Command Execution and X Window Property Manipulation in rxvt-unicode

Arbitrary Command Execution and X Window Property Manipulation in rxvt-unicode

CVE-2014-3121 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.

Learn more about our User Device Pen Test.