7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
88.4%
Lynx is a text-based Web browser.
Ulf Harnhammar discovered a stack overflow bug in Lynx when handling
connections to NNTP (news) servers. An attacker could create a web page
redirecting to a malicious news server which could execute arbitrary code
as the user running lynx. The Common Vulnerabilities and Exposures project
assigned the name CAN-2005-3120 to this issue.
Users should update to this erratum package, which contains a backported
patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc | lynx | < 2.8.5-18.1 | lynx-2.8.5-18.1.ppc.rpm |
RedHat | any | ppc | lynx | < 2.8.5-11.1 | lynx-2.8.5-11.1.ppc.rpm |
RedHat | any | i386 | lynx | < 2.8.5-11.1 | lynx-2.8.5-11.1.i386.rpm |
RedHat | any | s390x | lynx | < 2.8.5-18.1 | lynx-2.8.5-18.1.s390x.rpm |
RedHat | any | s390 | lynx | < 2.8.5-11.1 | lynx-2.8.5-11.1.s390.rpm |
RedHat | any | x86_64 | lynx | < 2.8.5-18.1 | lynx-2.8.5-18.1.x86_64.rpm |
RedHat | any | ia64 | lynx | < 2.8.5-18.1 | lynx-2.8.5-18.1.ia64.rpm |
RedHat | any | x86_64 | lynx | < 2.8.5-11.1 | lynx-2.8.5-11.1.x86_64.rpm |
RedHat | any | s390x | lynx | < 2.8.5-11.1 | lynx-2.8.5-11.1.s390x.rpm |
RedHat | any | i386 | lynx | < 2.8.5-18.1 | lynx-2.8.5-18.1.i386.rpm |