CVE-2005-3120
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
92.3%
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
References
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
secunia.com/advisories/17150
secunia.com/advisories/17216
secunia.com/advisories/17230
secunia.com/advisories/17231
secunia.com/advisories/17238
secunia.com/advisories/17248
secunia.com/advisories/17340
secunia.com/advisories/17360
secunia.com/advisories/17444
secunia.com/advisories/17445
secunia.com/advisories/17480
secunia.com/advisories/18376
secunia.com/advisories/18584
secunia.com/advisories/20383
securitytracker.com/id?1015065
slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
support.avaya.com/elmodocs2/security/ASA-2006-010.htm
www.debian.org/security/2005/dsa-874
www.debian.org/security/2005/dsa-876
www.debian.org/security/2006/dsa-1085
www.gentoo.org/security/en/glsa/glsa-200510-15.xml
www.mandriva.com/security/advisories?name=MDKSA-2005:186
www.novell.com/linux/security/advisories/2005_25_sr.html
www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
www.redhat.com/support/errata/RHSA-2005-803.html
www.securityfocus.com/archive/1/419763/100/0/threaded
www.securityfocus.com/archive/1/435689/30/4740/threaded
www.securityfocus.com/bid/15117
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
usn.ubuntu.com/206-1/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
92.3%