Vulnerability CVE-2017-1000211

Vulnerability Name:

CVE-2017-1000211 (CCN-135738)

Assigned:

2017-07-06

Published:

2017-07-06

Updated:

2018-02-04

Summary:

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-416

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2017-1000211

Source: CONFIRM
Type: Release Notes, Vendor Advisory
http://lynx.invisible-island.net/current/CHANGES.html

Source: BID
Type: UNKNOWN
102180

Source: CCN
Type: BID-102180
Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability

Source: XF
Type: UNKNOWN
lynx-cve20171000211-info-disc(135738)

Source: CCN
Type: lynx-snapshots GIT Repository
lynx-snapshots

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20171118 [SECURITY] [DLA 1175-1] lynx-cur security update

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-1000211

Vulnerable Configuration:

Configuration 1:

cpe:/a:lynx_project:lynx:2.8.9:dev15:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:lynx:lynx:2.8.8:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:11163	P	Security update for c-toxcore (Moderate)	2021-12-30
oval:org.opensuse.security:def:11149	P	Security update for tor (Moderate)	2021-11-29
oval:org.opensuse.security:def:11148	P	Security update for hylafax+ (Moderate)	2021-11-21
oval:org.opensuse.security:def:11130	P	Security update for fail2ban (Important)	2021-09-16
oval:org.opensuse.security:def:11115	P	Security update for prosody (Moderate)	2021-08-21
oval:org.opensuse.security:def:20171000211	V	CVE-2017-1000211	2021-08-15
oval:org.opensuse.security:def:11101	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:11324	P	iputils-s20121221-2.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11973	P	mutt-1.6.0-54.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11951	P	libtasn1-3.7-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12006	P	radvd-1.9.7-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11313	P	gnome-online-accounts-3.10.5-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11984	P	patch-2.7.5-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11300	P	flash-player-11.2.202.406-1.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11346	P	libXtst6-1.2.2-3.60 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11291	P	elfutils-0.158-3.200 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11333	P	libIlmImf-Imf_2_1-21-2.1.0-4.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11282	P	curl-7.37.0-2.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11224	P	Security update for upx (Moderate)	2021-05-30
oval:org.opensuse.security:def:11182	P	Security update for python-djangorestframework (Important)	2021-02-25
oval:org.opensuse.security:def:11033	P	Security update for blosc (Moderate)	2020-12-26
oval:org.opensuse.security:def:11025	P	Security update for pngcheck (Moderate)	2020-12-10
oval:org.opensuse.security:def:11022	P	Security update for minidlna (Moderate)	2020-12-08
oval:org.opensuse.security:def:11257	P	python-pymongo-2.6.3-2.20 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:27096	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28225	P	Security update for libsndfile (Moderate)	2020-12-01
oval:org.opensuse.security:def:27015	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26812	P	python-sssd-config on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27587	P	xorg-x11-libXt-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27490	P	libtasn1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26887	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26811	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27543	P	python-crypto on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27441	P	libdrm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11068	P	libsrtp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26823	P	star on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27529	P	osc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27388	P	dbus-1-glib-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10992	P	libexempi-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11249	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27237	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11000	P	libgnomesu-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27153	P	jpeg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11055	P	libquicktime-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28260	P	Security update for lynx (Moderate)	2020-12-01
oval:com.ubuntu.xenial:def:201710002110000000	V	CVE-2017-1000211 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-17
oval:com.ubuntu.artful:def:20171000211000	V	CVE-2017-1000211 on Ubuntu 17.10 (artful) - medium.	2017-11-17
oval:com.ubuntu.bionic:def:20171000211000	V	CVE-2017-1000211 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-17
oval:com.ubuntu.cosmic:def:201710002110000000	V	CVE-2017-1000211 on Ubuntu 18.10 (cosmic) - medium.	2017-11-17
oval:com.ubuntu.cosmic:def:20171000211000	V	CVE-2017-1000211 on Ubuntu 18.10 (cosmic) - medium.	2017-11-17
oval:com.ubuntu.bionic:def:201710002110000000	V	CVE-2017-1000211 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-17
oval:com.ubuntu.xenial:def:20171000211000	V	CVE-2017-1000211 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-17

BACK