Lynx Internal URL Verification Code Execution

High Log Correlation Engine Plugin ID 800977

Synopsis

N/A

Description

The remote host is using Lynx as a web browser. The version used is vulnerable to a bug which may allow a rogue web site to be considered as a local page. An attacker may eventually use this flaw to execute arbitrary code on this host, with the privileges of the user running lynx.

Solution

No solution is known at this time.

Plugin Details

Severity: High

ID: 800977

File Name: 800977.prm

Family: Web Clients

Risk Information

Risk Factor: High

CVSSv2

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

CVE: CVE-1999-1549

BID: 804