University Of Kansas

university_of_kansas

6 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-2929 1University Of Kansas 1Lynx Apr 16, 2026 Nov 18, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configurat...Show more Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.Show less
CVE-2004-1617 1University Of Kansas 1Lynx Apr 16, 2026 Oct 18, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS va...Show more Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value.Show less
CVE-2002-1405 3Elinks LinksUniversity Of Kansas 3Elinks LinksLynx Apr 16, 2026 Feb 19, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line fe...Show more CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.Show less
CVE-2000-0209 1University Of Kansas 1Lynx Apr 16, 2026 Feb 27, 2000 N/A· v4 N/A· v3 7.6 HIGH· v2 Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page.
CVE-1999-0817 1University Of Kansas 1Lynx Apr 16, 2026 Sep 15, 1999 N/A· v4 N/A· v3 10.0 HIGH· v2 Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
CVE-1999-0371 1University Of Kansas 1Lynx Apr 16, 2026 Feb 11, 1999 N/A· v4 N/A· v3 1.2 LOW· v2 Lynx allows a local user to overwrite sensitive files through /tmp symlinks.