CVE-2005-3120
CVE-2005-3120 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. EPSS estimates a 23.26% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Invisible-Island | Lynx | <= 2.8.6 |
| Debian | Debian Linux | 3.0 |
| Debian | Debian Linux | 3.1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html (Broken Link, Patch, Vendor Advisory)
- http://secunia.com/advisories/17150 (Broken Link)
- http://secunia.com/advisories/17216 (Broken Link)
- http://secunia.com/advisories/17230 (Broken Link)
- http://secunia.com/advisories/17231 (Broken Link)
- http://secunia.com/advisories/17238 (Broken Link)
- http://secunia.com/advisories/17248 (Broken Link)
- http://secunia.com/advisories/17340 (Broken Link)
- http://secunia.com/advisories/17360 (Broken Link)
- http://secunia.com/advisories/17444 (Broken Link)
- http://secunia.com/advisories/17445 (Broken Link)
- http://secunia.com/advisories/17480 (Broken Link)
- http://secunia.com/advisories/18376 (Broken Link)
- http://secunia.com/advisories/18584 (Broken Link)
- http://secunia.com/advisories/20383 (Broken Link)
- http://securitytracker.com/id?1015065 (Broken Link, Third Party Advisory, VDB Entry)
- http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm (Third Party Advisory)
- http://www.debian.org/security/2005/dsa-874 (Mailing List, Third Party Advisory)
- http://www.debian.org/security/2005/dsa-876 (Mailing List, Third Party Advisory)
- http://www.debian.org/security/2006/dsa-1085 (Mailing List, Third Party Advisory)
- http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml (Third Party Advisory)
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:186 (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2005-803.html (Broken Link, Vendor Advisory)
- http://www.securityfocus.com/archive/1/419763/100/0/threaded (Broken Link, Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/archive/1/435689/30/4740/threaded (Broken Link, Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/15117 (Broken Link, Third Party Advisory, VDB Entry)
- https://usn.ubuntu.com/206-1/ (Broken Link)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
