Published: 04/11/2012 Updated: 09/02/2024

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle malicious users to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
lynx lynx -
canonical ubuntu linux 11.10
canonical ubuntu linux 12.10
canonical ubuntu linux 10.04
canonical ubuntu linux 12.04

Two security issues were fixed in Lynx ...

Debian Bug report logs - #692444 tweepy: CVE-2012-5825 Fail to verify hostname against X509 certificate Package: tweepy; Maintainer for tweepy is Debian Python Modules Team <python-modules-team@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 6 Nov 2012 11:12:02 UTC Severity: im ...

Debian Bug report logs - #692443 lynx-cur: CVE-2012-5821 Package: lynx-cur; Maintainer for lynx-cur is Debian Lynx Packaging Team <pkg-lynx-maint@listsaliothdebianorg>; Source for lynx-cur is src:lynx (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 6 Nov 2012 11:03:01 UTC Severi ...

CWE-295 http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf http://www.ubuntu.com/usn/USN-1642-1 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0351 http://www.mandriva.com/security/advisories?name=MDVSA-2013:101 https://exchange.xforce.ibmcloud.com/vulnerabilities/79930 https://usn.ubuntu.com/1642-1/https://nvd.nist.gov

CVE-2012-5821

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect