Vulnerability Details : CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2005-3120
Probability of exploitation activity in the next 30 days: 4.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-3120
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2005-3120
-
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2005-3120
-
Red Hat 2007-03-14Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
-
http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
Advisories - Mandriva LinuxThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2005-803.html
SupportBroken Link;Vendor Advisory
-
http://secunia.com/advisories/17445
About Secunia Research | FlexeraBroken Link
-
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
Broken Link
-
http://secunia.com/advisories/17480
About Secunia Research | FlexeraBroken Link
-
http://www.debian.org/security/2006/dsa-1085
[SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilitiesMailing List;Third Party Advisory
-
http://secunia.com/advisories/18584
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/17150
About Secunia Research | FlexeraBroken Link
-
http://www.debian.org/security/2005/dsa-874
[SECURITY] [DSA 874-1] New lynx packages fix arbitrary code executionMailing List;Third Party Advisory
-
http://secunia.com/advisories/17238
About Secunia Research | FlexeraBroken Link
-
https://usn.ubuntu.com/206-1/
404: Page not found | UbuntuBroken Link
-
http://secunia.com/advisories/17360
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/17340
About Secunia Research | FlexeraBroken Link
-
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
[Full-Disclosure] Mailing List CharterBroken Link;Patch;Vendor Advisory
-
http://secunia.com/advisories/17248
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/20383
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/17231
About Secunia Research | FlexeraBroken Link
-
http://www.novell.com/linux/security/advisories/2005_25_sr.html
404 Page Not Found | SUSEBroken Link
-
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Broken Link
-
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
Broken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
404 Not FoundBroken Link
-
http://secunia.com/advisories/18376
About Secunia Research | FlexeraBroken Link
-
http://www.securityfocus.com/archive/1/435689/30/4740/threaded
Broken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/17216
About Secunia Research | FlexeraBroken Link
-
http://securitytracker.com/id?1015065
Broken Link;Third Party Advisory;VDB Entry
-
http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
Lynx: Buffer overflow in NNTP processing (GLSA 200510-15) — Gentoo securityThird Party Advisory
-
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
170253 – (CVE-2005-3120) CAN-2005-3120 lynx buffer overflowIssue Tracking
-
http://secunia.com/advisories/17230
About Secunia Research | FlexeraBroken Link
-
http://www.debian.org/security/2005/dsa-876
[SECURITY] [DSA 876-1] New lynx-ssl packages fix arbitrary code executionMailing List;Third Party Advisory
-
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
Broken Link
-
http://www.securityfocus.com/archive/1/419763/100/0/threaded
Broken Link;Third Party Advisory;VDB Entry
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
The Slackware Linux Project: Slackware Security AdvisoriesBroken Link
-
http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
Third Party Advisory
-
http://www.securityfocus.com/bid/15117
Broken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/17444
About Secunia Research | FlexeraBroken Link
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:invisible-island:lynx:*:*:*:*:*:*:*:*