3 matches found
SUSE CVE-2005-2929
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via 1 lynxcgi:, 2 lynxexec, and 3 lynxprog links, which are not properly restricted in the default configuration in some environments...
SUSE CVE-2016-9179
lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host...
DSA-210 lynx - CRLF injection
Bulletin has no description...