CVE-2010-2713

Name of the Vulnerable Software and Affected Versions libvte versions 0.25.1 and earlier

Description The issue is related to the vte sequence handler window manipulation function in vteseq.c, which does not properly handle escape sequences. This allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a window title or icon title sequence.

Recommendations For libvte versions 0.25.1 and earlier, consider disabling the vte sequence handler window manipulation function as a temporary workaround until a patch is available. Restrict access to potentially sensitive information and avoid using the window title or icon title sequences in gnome-terminal until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.