CVE Vulnerabilities

CVE-1999-1549

Published: Nov 16, 1999 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a secure hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user’s configuration file and execute commands.

Affected Software

Name Vendor Start Version End Version
Lynx University_of_kansas 2.7 2.7
Lynx University_of_kansas 2.8 2.8

References