CVE-2010-2810
N/A
N/A
Summary
Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61007
- http://marc.info/?l=oss-security&m=128152412221677&w=2
- http://www.vupen.com/english/advisories/2010/2042
- http://www.ubuntu.com/usn/USN-1642-1
- http://marc.info/?l=oss-security&m=128151768510564&w=2
- https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61007
- http://marc.info/?l=oss-security&m=128152412221677&w=2
- http://www.vupen.com/english/advisories/2010/2042
- http://www.ubuntu.com/usn/USN-1642-1
- http://marc.info/?l=oss-security&m=128151768510564&w=2
- https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.