lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/11/04/1 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/94215 | Third Party Advisory VDB Entry |
http://www.openwall.com/lists/oss-security/2016/11/04/1 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/94215 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2016/11/04/1 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/94215 - Third Party Advisory, VDB Entry |
Information
Published : 2016-12-22 21:59
Updated : 2024-11-21 03:00
NVD link : CVE-2016-9179
Mitre link : CVE-2016-9179
CVE.ORG link : CVE-2016-9179
JSON object : View
Products Affected
lynx
- lynx
CWE
CWE-20
Improper Input Validation