CVE-2008-7224

Published: 14/09/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Buffer overflow in entity_cache in ELinks prior to 0.11.4rc0 allows remote malicious users to cause a denial of service (crash) via a crafted link.

Vulnerable Product	Search on Vulmon	Subscribe to Product
elinks elinks 0.11.1
elinks elinks 0.11.1-1
elinks elinks
elinks elinks 0.11.2

Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program (CVE-2006-5925) ...

Jakub Wilk discovered an off-by-one buffer overflow in the charset handling of elinks, a feature-rich text-mode WWW browser, which might lead to the execution of arbitrary code if the user is tricked into opening a malformed HTML page For the old stable distribution (etch), this problem has been fixed in version 0111-12etch2 The stable distrib ...

CWE-119 http://linuxfromscratch.org/pipermail/elinks-users/2008-February/001604.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347 http://osvdb.org/41949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10126 https://usn.ubuntu.com/851-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-7224

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect