CVE-2021-33477

Name of the Vulnerable Software and Affected Versions rxvt-unicode version 9.22 rxvt version 2.7.10 mrxvt version 0.5.4 Eterm version 0.9.7

Description The issue is related to improper handling of certain escape sequences, specifically ESC G Q, which can lead to code execution. This could potentially allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. A response is terminated by a newline.

Recommendations For rxvt-unicode version 9.22, consider disabling the handling of ESC G Q escape sequences until a patch is available. For rxvt version 2.7.10, restrict access to the vulnerable escape sequence handling functionality to minimize the risk of exploitation. For mrxvt version 0.5.4, avoid using the vulnerable escape sequences in the terminal until the issue is resolved. For Eterm version 0.9.7, as a temporary workaround, consider disabling the handling of ESC G Q escape sequences until a patch is available.