Published: 27/10/2008 Updated: 11/10/2017

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Untrusted search path vulnerability in Lynx prior to 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
lynx lynx 2.8.6
lynx lynx
lynx lynx 2.8.4
lynx lynx 2.8.3
lynx lynx 2.8.5
lynx lynx 2.8.1
lynx lynx 2.8.2

Synopsis Important: lynx security update Type/Severity Security Advisory: Important Topic An updated lynx package that corrects two security issues is now availablefor Red Hat Enterprise Linux 21, 3, 4, and 5This update has been rated as having important security impact by the RedHat Security Response Tea ...

source: wwwsecurityfocuscom/bid/31917/info Lynx is prone to a local code-execution vulnerability Successful exploits may allow attackers to execute arbitrary code within the context of the user running the affected application Versions prior to Lynx 286rel4 are affected mimetypes: application/x-bug bug mailcap: application/x- ...

NVD-CWE-Other http://www.openwall.com/lists/oss-security/2008/10/25/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949 https://bugzilla.redhat.com/show_bug.cgi?id=214205 http://www.securitytracker.com/id?1021107 http://secunia.com/advisories/32407 http://www.securityfocus.com/bid/31917 http://www.redhat.com/support/errata/RHSA-2008-0965.html http://secunia.com/advisories/32416 http://www.mandriva.com/security/advisories?name=MDVSA-2008:217 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://secunia.com/advisories/33568 https://exchange.xforce.ibmcloud.com/vulnerabilities/46132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719 https://access.redhat.com/errata/RHSA-2008:0965 https://nvd.nist.gov https://www.exploit-db.com/exploits/32530/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-7234

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect