CVE-2017-1000211

Опубликовано: 17 нояб. 2017

Источник: debian

Описание

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
lynx	fixed	2.8.9dev16-1		package
lynx	no-dsa		stretch	package
lynx-cur	removed			package
lynx-cur	no-dsa		jessie	package

Примечания

https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9

Связанные уязвимости

CVE-2017-1000211

CVSS3: 5.3

ubuntu

около 8 лет назад

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

CVE-2017-1000211

CVSS3: 5.3

redhat

около 8 лет назад

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

CVE-2017-1000211

CVSS3: 5.3

nvd

около 8 лет назад

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

openSUSE-SU-2017:3198-1

suse-cvrf

около 8 лет назад

Security update for lynx

SUSE-SU-2017:3180-1

suse-cvrf

около 8 лет назад

Security update for lynx