Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-3120

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

  • Published: Oct 17, 2005
  • Updated: May 9, 2024
  • CVE: CVE-2005-3120
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
invisible-island / lynx - 2.8.6.x
debian / debian_linux 3.1 3.1.x
debian / debian_linux 3.0 3.0.x