9.8
CVE-2005-3120
- EPSS 23.26%
- Veröffentlicht 17.10.2005 20:06:00
- Zuletzt bearbeitet 16.06.2026 22:16:17
- Quelle security@debian.org
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invisible-island ≫ Lynx Version <= 2.8.6
Debian ≫ Debian Linux Version3.0
Debian ≫ Debian Linux Version3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 23.26% | 0.975 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-131 Incorrect Calculation of Buffer Size
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
http://secunia.com/advisories/20383
http://www.debian.org/security/2006/dsa-1085
http://www.securityfocus.com/archive/1/435689/30/4740/threaded
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
http://www.securityfocus.com/bid/15117
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
http://secunia.com/advisories/17150
http://secunia.com/advisories/17216
http://secunia.com/advisories/17230
http://secunia.com/advisories/17231
http://secunia.com/advisories/17238
http://secunia.com/advisories/17248
http://secunia.com/advisories/17340
http://secunia.com/advisories/17360
http://secunia.com/advisories/17444
http://secunia.com/advisories/17445
http://secunia.com/advisories/17480
http://secunia.com/advisories/18376
http://secunia.com/advisories/18584
http://securitytracker.com/id?1015065
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
http://www.debian.org/security/2005/dsa-874
http://www.debian.org/security/2005/dsa-876
http://www.novell.com/linux/security/advisories/2005_25_sr.html
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
http://www.redhat.com/support/errata/RHSA-2005-803.html
http://www.securityfocus.com/archive/1/419763/100/0/threaded
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
https://usn.ubuntu.com/206-1/