Origin Validation Error
CVE-1999-1549
Summary
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-346 - Origin Validation Error
The software does not properly verify that the source of data or communication is valid.
References
Advisory Timeline
- Published