PublicDate: 2008-04-07 17:44:00 UTC
Candidate: CVE-2008-1142
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
Description:
 rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment
 variable is not set, which might allow local users to hijack X11
 connections.  NOTE: it was later reported that rxvt-unicode, mrxvt, aterm,
 multi-aterm, and wterm are also affected.  NOTE: realistic attack scenarios
 require that the victim enters a command on the wrong machine.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_rxvt:
upstream_rxvt: released (1:2.6.4-13)
dapper_rxvt: ignored (reached end-of-life)
edgy_rxvt: needed (reached end-of-life)
feisty_rxvt: needed (reached end-of-life)
gutsy_rxvt: needed (reached end-of-life)
hardy_rxvt: ignored (reached end-of-life)
intrepid_rxvt: not-affected (1:2.6.4-14)
jaunty_rxvt: not-affected (1:2.6.4-14)
karmic_rxvt: not-affected (1:2.6.4-14)
lucid_rxvt: not-affected (1:2.6.4-14)
maverick_rxvt: not-affected (1:2.6.4-14)
natty_rxvt: not-affected (1:2.6.4-14)
oneiric_rxvt: not-affected (1:2.6.4-14)
devel_rxvt: not-affected (1:2.6.4-14)