{"id":"CVE-2006-7236","details":"The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.","modified":"2026-04-10T03:38:41.158764Z","published":"2009-01-02T18:11:09Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/33388"},{"type":"WEB","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384593"},{"type":"WEB","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030"},{"type":"WEB","url":"https://usn.ubuntu.com/703-1/"}],"schema_version":"1.7.5"}