CVE-2006-7234

critical

Description

Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719

https://exchange.xforce.ibmcloud.com/vulnerabilities/46132

https://bugzilla.redhat.com/show_bug.cgi?id=214205

http://www.securitytracker.com/id?1021107

http://www.securityfocus.com/bid/31917

http://www.redhat.com/support/errata/RHSA-2008-0965.html

http://www.openwall.com/lists/oss-security/2008/10/25/3

http://www.mandriva.com/security/advisories?name=MDVSA-2008:217

http://secunia.com/advisories/33568

http://secunia.com/advisories/32416

http://secunia.com/advisories/32407

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949

Details

Source: Mitre, NVD

Published: 2008-10-27

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0012

Detections

Analytics