CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 1CVE-2012-5821
https://notcve.org/view.php?id=CVE-2012-5821
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function. Lynx no verifica que el certificado del servidor está firmado por una autoridad de certificación de confianza, lo que permite ataques man-in-the-middle con los que se falsifican servidores SSL mediante certificados hechos a mano. Se trata de un problema relacionado con el uso indebido de una función GnuTLS determinada. • http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf http://www.mandriva.com/security/advisories?name=MDVSA-2013:101 http://www.ubuntu.com/usn/USN-1642-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/79930 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0351 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 5%CPEs: 4EXPL: 0CVE-2010-2810
https://notcve.org/view.php?id=CVE-2010-2810
Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name. Desbordamiento de búfer basado en la memoria dinámica en la función convert_to_idna en WWW/Library/Implementation/HTParse.c en Lynx v2.8.8dev.1 hasta v2.8.8dev.4 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posilemete ejecutar código de su elección a través de una URL mal formada qye contiene un caracter % (porcentaje) en el nombre de dominio. • http://marc.info/?l=oss-security&m=128151768510564&w=2 http://marc.info/?l=oss-security&m=128152412221677&w=2 http://www.ubuntu.com/usn/USN-1642-1 http://www.vupen.com/english/advisories/2010/2042 https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254 https://exchange.xforce.ibmcloud.com/vulnerabilities/61007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 179EXPL: 1CVE-2006-7234 – Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
https://notcve.org/view.php?id=CVE-2006-7234
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en Lynx anterior a 2.8.6rel.4; permite a usuarios locales ejecutar código de su elección a través de los ficheros maliciosos (1) .mailcap y (2) mime.types en el directorio de trabajo actual. • https://www.exploit-db.com/exploits/32530 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://secunia.com/advisories/32407 http://secunia.com/advisories/32416 http://secunia.com/advisories/33568 http://www.mandriva.com/security/advisories?name=MDVSA-2008:217 http://www.openwall.com/lists/oss-security/2008/10/25/3 http://www.redhat.com/support/errata/RHSA-2008-0965.html http://www.sec •
CVSS: 10.0EPSS: 1%CPEs: 176EXPL: 0CVE-2008-4690 – lynx: remote arbitrary command execution via a crafted lynxcgi: URL
https://notcve.org/view.php?id=CVE-2008-4690
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler. lynx v2.8.6dev.15 y anteriores, cuando está activado el modo avanzado y lynx está configurado como manejador de URL, permite a atacantes remotos ejecutar comandos de su elección a través de un lynxcgi: URL manipulado. Cuestión relacionada con el CVE-2005-2929. NOTA: se trata de una vulnerabilidad únicamente en algunos desarrollos que tienen definido un lynxcgi: handler. • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://secunia.com/advisories/32416 http://secunia.com/advisories/32967 http://secunia.com/advisories/33568 http://www.mandriva.com/security/advisories?name=MDVSA-2008:217 http://www.mandriva.com/security/advisories?name=MDVSA-2008:218 http://www.openwall.com/lists/oss-security/2008/10/09/2 http://www.redhat.com/support/errata/RHSA-2008-0965.html http://www.securitytracker.com/id?1021105 https://exchang • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-6207 – Evolve Shopping Cart - 'products.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2006-6207
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error ** IMPUGNADA ** Vulnerabilidad de inyección SQL en products.asp de Evolve shopping cart (también conocido como Evolve Merchant) permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro partno. NOTA: el vendedor impugna este asunto, indicando que es un error forzado de SQL. • https://www.exploit-db.com/exploits/29197 http://securityreason.com/securityalert/1933 http://www.securityfocus.com/archive/1/452706/100/0/threaded http://www.securityfocus.com/archive/1/453549/100/0/threaded http://www.securityfocus.com/bid/21323 https://exchange.xforce.ibmcloud.com/vulnerabilities/30540 •