5
CVSSv2

CVE-2004-1617

Published: 18/10/2004 Updated: 19/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Lynx, lynx-ssl, and lynx-cur prior to 2.8.6dev.8 allow remote malicious users to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

university of kansas lynx 2.8.3_dev22

university of kansas lynx 2.8.3_pre5

university of kansas lynx 2.8.5_dev4

university of kansas lynx 2.8.5_dev5

university of kansas lynx 2.7

university of kansas lynx 2.8

university of kansas lynx 2.8.4_rel1

university of kansas lynx 2.8.5

university of kansas lynx 2.8.1

university of kansas lynx 2.8.2_rel1

university of kansas lynx 2.8.3

university of kansas lynx 2.8.4

university of kansas lynx 2.8.5_dev8

university of kansas lynx 2.8.5_dev3

university of kansas lynx 2.8.3_rel1

university of kansas lynx 2.8.5_dev2

Vendor Advisories

Debian Bug report logs - #296340 malformed html causes memory exhaustion DOS Package: lynx; Maintainer for lynx is Debian Lynx Packaging Team <pkg-lynx-maint@listsaliothdebianorg>; Source for lynx is src:lynx (PTS, buildd, popcon) Reported by: Joey Hess <joeyh@debianorg> Date: Mon, 21 Feb 2005 21:18:01 UTC Sever ...
Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML The same code is present in lynx-ssl For the old stable distribution (woody) this p ...
Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML For the old stable distribution (woody) this problem has been fixed in version 284 ...
Several vulnerabilities have been discovered in lynx, the popular text-mode WWW browser The Common Vulnerabilities and Exposures Project identifies the following vulnerabilities: CVE-2004-1617 Michal Zalewski discovered that lynx is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in ...