Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.

Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx

BugsAlert Home > Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx
 
 

LinuxSecurity.com: A vulnerability was found in the Lynxcgi: URI handler that could allow an attacker to create a web page redirecting to a malicious URL that would execute arbitrary code as the user running Lynx, if they were using the non-default Advanced user mode (CVE-2008-4690). This update corrects these issues and, in addition, makes Lynx always prompt the user before loading a lynxcgi: URI. As well, the default lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.




Original Source: http://www.linuxsecurity.com/content/view/143698?rdf

Learn more about Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx
 
Tags: mandriva subject security announce mdvsa-2008 218 lynx

Related Items

      Youtube Clone Xross Site Scripting (load_message.php)

      Bugtraq: Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit

      Crash on is_subclass_of() under special conditions

      Rumbling Edge - Thunderbird: Thunderbird 3 Beta 2 Released

      CRYP_XED-22

      VUPEN - Random Images for TYPO3 Remote Command Injection Vulnerability

      Firefox Support Blog: Minutes of SUMO meeting 2009-08-17

 

Pixel