Ubuntu Security Notice 962-1 - Janne Snabb discovered that applications using VTE, such as gnome-terminal, did not correctly filter window and icon title request escape codes. If a user were tricked into viewing specially crafted output in their terminal, a remote attacker could execute arbitrary commands with user privileges.
80c4d64b72f9a308db9f8e5b218bb0ad4dff2e8abe8e73d44a908a8521f7dfe1