Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx

Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx
BugsAlert Home > Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx




LinuxSecurity.com: A vulnerability was found in the Lynxcgi: URI handler that could allow an attacker to create a web page redirecting to a malicious URL that would execute arbitrary code as the user running Lynx, if they were using the non-default Advanced user mode (CVE-2008-4690). This update corrects these issues and, in addition, makes Lynx always prompt the user before loading a lynxcgi: URI. As well, the default lynx.cfg configuration file marks all lynxcgi: URIs as untrusted. Original Source: http://www.linuxsecurity.com/content/view/143698?rdf Learn more about Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx


Tags: mandriva subject security announce mdvsa-2008 218 lynx

Related Items
FrSIRT - fuzzylime (cms) "admindir" Parameter Remote File Inclusion Vulnerability
Nixu Secure Name Server BIND Query Port DNS Cache Poisoning
VU#732449:Liferay Portal User Profile Greeting stored XSS
FrSIRT - VideoLAN VLC Media Player MP4 Demuxer Code Execution Vulnerability
Mandriva: Subject: [Security Announce] [ MDVSA-2008:182-1 ] wordnet
Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
VU#179281:Electronic Arts SnoopyCtrl ActiveX control and plug-in stack buffer overflows