1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

xterm DECRQSS Escape Sequence Vulnerability

Report ID: SA200800171
Source: Secunia
Date of Discovery: 31.12.2008
Criticality: Moderate

Compromise From: From remote
Compromise Type: System access


A vulnerability has been discovered in xterm, which can be exploited by malicious people to compromise a user's system.

Detailed Description

The vulnerability is caused due to xterm not properly processing the DECRQSS Device Control Request Status String escape sequence. This can be exploited to inject and execute arbitrary shell commands by e.g. tricking a user into displaying a malicious text file containing a specially crafted escape sequence via the "more" command in xterm.

The vulnerability is confirmed in xterm patch #237. Other versions may also be affected.


Do not process untrusted files in xterm.

Original Reference