Total vulnerabilities in the database
Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name.
| Software | From | Fixed in |
|---|---|---|
| lynx / lynx | 2.8.8-dev.2 | 2.8.8-dev.2.x |
| lynx / lynx | 2.8.8-dev.3 | 2.8.8-dev.3.x |
| lynx / lynx | 2.8.8-dev.1 | 2.8.8-dev.1.x |
| lynx / lynx | 2.8.8-dev.4 | 2.8.8-dev.4.x |