Description: | An updated xterm package to correct a security issue is now available forRed Hat Enterprise Linux 3, 4, and 5.This update has been rated as having important security impact by the RedHat Security Response Team.The xterm program is a terminal emulator for the X Window System.A flaw was found in the xterm handling of Device Control Request StatusString (DECRQSS) escape sequences. An attacker could create a malicioustext file (or log entry, if unfiltered) that could run arbitrary commandsif read by a victim inside an xterm window. (CVE-2008-2383) |