CVE-2005-3120
CRITICAL9.8EPSS 30.4%lynx - buffer overflow
發布日:2005/10/17修改日:2026/3/9
描述
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
受影響套件(4)
- Debian/lynxfrom 0, < 2.8.5-2sarge1
- Debian/lynxfrom 0, < 2.8.4.1b-3.3
- Debian/lynxfrom 0, < 2.8.4.1b-3.2
- Debian/lynx-curfrom 0, < 2.8.5-2.5woody1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |