PT-2007-1106 · Xfce · Xfce Terminal

Lasse Kärkkäinen · Published 2007-07-15 · Updated 2017-07-29 · CVE-2007-3770

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Xfce Terminal version 0.2.6; terminal versions prior to 0.2.6 p25931
Description: The issue allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link. This can be demonstrated using the "Open Link" functionality. Exploitation of this issue may lead to a violation of confidentiality and integrity of protected information and can be carried out remotely.
Recommendations: For Xfce Terminal version 0.2.6, consider disabling the terminal helper execute function as a temporary workaround until a patch is available. For terminal versions prior to 0.2.6 p25931, restrict access to the "Open Link" functionality to minimize the risk of exploitation.

Related identifiers

BDU:2015-09588
CVE-2007-3770
DSA-1393-1

Affected products

Xfce Terminal