CVSS: 9.8EPSS: 6%CPEs: 3EXPL: 0CVE-2005-2929 – lynx arbitrary command execution
https://notcve.org/view.php?id=CVE-2005-2929
12 Nov 2005 — Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments. Remote exploitation of a command injection vulnerability in various vendors' implementations of Lynx could allow attackers to execute arbitrary commands with the privileges of the underlying user. The problem specifically exists within the feature to execute local c... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 3%CPEs: 16EXPL: 1CVE-2004-1617
https://notcve.org/view.php?id=CVE-2004-1617
18 Oct 2004 — Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value. • http://lcamtuf.coredump.cx/mangleme/gallery • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 14%CPEs: 9EXPL: 1CVE-2002-1405 – Lynx 2.8.x - Command Line URL CRLF Injection
https://notcve.org/view.php?id=CVE-2002-1405
19 Feb 2003 — CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters. Vulnerabilidad de inyección de CRLF en Lynx 2.8.4 y anteriores permite a atacantes remotos inyectar cabeceras HTTP falsas en una petición http provista en la linea de comandos, mediante una URL conteniendo un retorno de carro codificado, salto de línea, y... • https://www.exploit-db.com/exploits/21722 •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 0CVE-2000-0209
https://notcve.org/view.php?id=CVE-2000-0209
27 Feb 2000 — Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page. • http://www.securityfocus.com/bid/1012 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-1999-0817
https://notcve.org/view.php?id=CVE-1999-0817
15 Sep 1999 — Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0817 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0371
https://notcve.org/view.php?id=CVE-1999-0371
11 Feb 1999 — Lynx allows a local user to overwrite sensitive files through /tmp symlinks. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0371 •