CVE-2006-7236 Information

Description

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384593 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030 http://secunia.com/advisories/33388 https://usn.ubuntu.com/703-1/