CVE-2002-1405
EPSS 13.1%lynx - CRLF injection
發布日:2003/2/19修改日:2026/4/28
描述
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
受影響套件(3)
- Debian/lynxfrom 0, < 2.8.4.1b-4
- Debian/lynxfrom 0, < 2.8.3-1.1
- Debian/lynx-sslfrom 0, < 2.8.3.1-1.1