Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.03165 Percentile:
0.86384
CVSS Scoring
CVSS v2 Score: 7.2
Severity:
Mapped CWE(s)
CWE-78
: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
All CAPEC(s)
CAPEC-108: Command Line Execution through SQL Injection