MidnightBSD

Advisories for links

CVE-2002-1405 MEDIUM

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
university_of_kansas lynx 2.8.4_rel1
university_of_kansas lynx 2.8.3
university_of_kansas lynx 2.8.3_rel1
university_of_kansas lynx 2.8.2_rel1
university_of_kansas lynx 2.8.4
elinks elinks 0.2.4
links links 0.96
university_of_kansas lynx 2.8.5_dev8
elinks elinks 0.3.2
CVE-2004-1616 MEDIUM

Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
links links 0.98
links links 0.93
links links 0.99
links links 0.97
links links 0.91
links links 0.94
links links 0.96
links links 0.95
links links 0.92