Mandriva Linux Security Advisory : rxvt-unicode (MDVSA-2014:094)
High Nessus Plugin ID 74072
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated rxvt-unicode package fixes security vulnerability :
rxvt-unicode (aka urxvt) before 9.20 is vulnerable to a user-assisted arbitrary commands execution issue. This can be exploited by the unprocessed display of certain escape sequences in a crafted text file or program output. Arbitrary command sequences can be constructed using this, and unintentionally executed if used in conjunction with various other escape sequences (CVE-2014-3121).
SolutionUpdate the affected rxvt-unicode package.