CVE-2012-1166 Information

Description

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding which launches a terminal window.

Reference

http://irclogs.ltsp.org/?d=2012-03-12 http://www.ubuntu.com/usn/USN-1398-1 https://bugs.launchpad.net/ubuntu/2Bsource/ldm/2Bbug/953340