| Revision Date: | 2005-11-11 | Version: | 502 |
| Title: | RHSA-2005:839: lynx security update (Critical) |
| Description: | Lynx is a text-based Web browser.
An arbitrary command execute bug was found in the lynx "lynxcgi:" URI handler. An attacker could create a web page redirecting to a malicious URL which could execute arbitrary code as the user running lynx. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2929 to this issue.
Users should update to this erratum package, which contains a backported patch to correct this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-2929
RHSA-2005:839-01
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND lynx is earlier than 0:2.8.5-11.2
AND lynx is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND lynx is earlier than 0:2.8.5-18.2
AND lynx is signed with Red Hat master key
|