SwiftTerm Code Injection vulnerability
High severity
GitHub Reviewed
Published
Dec 2, 2022
in
migueldeicaza/SwiftTerm
•
Updated Feb 9, 2024
Package
Affected versions
< 1.2.0
Patched versions
1.2.0
Description
Published by the National Vulnerability Database
Dec 2, 2022
Published to the GitHub Advisory Database
Jul 14, 2023
Reviewed
Jul 14, 2023
Last updated
Feb 9, 2024
Impact
Attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
Credit
These bugs were found and disclosed by David Leadbeater dgl@dgl.cx (@dgl at github.com)
Patches
Fixed in version ce596e0dc8cdb288bc7ed5c6a59011ee3a8dc171
Workarounds
There are no workarounds available
References
Similar exploits to this existed in the past, for terminal emulators:
https://nvd.nist.gov/vuln/detail/CVE-2003-0063
https://nvd.nist.gov/vuln/detail/CVE-2008-2383
Additional background and information is also available:
https://marc.info/?l=bugtraq&m=104612710031920&w=2
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030
References