CVE-2005-3120

{"id": "CVE-2005-3120", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2005-10-17T20:06:00.000", "references": [{"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17150", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17216", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17230", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17231", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17238", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17248", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17340", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17360", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17444", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17445", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/17480", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/18376", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/18584", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/20383", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://securitytracker.com/id?1015065", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm", "tags": ["Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.debian.org/security/2005/dsa-874", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.debian.org/security/2005/dsa-876", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.debian.org/security/2006/dsa-1085", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml", "tags": ["Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:186", "tags": ["Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.novell.com/linux/security/advisories/2005_25_sr.html", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-803.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/archive/1/419763/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/archive/1/435689/30/4740/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/bid/15117", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253", "tags": ["Issue Tracking"], "source": "security@debian.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257", "tags": ["Broken Link"], "source": "security@debian.org"}, {"url": "https://usn.ubuntu.com/206-1/", "tags": ["Broken Link"], "source": "security@debian.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-131"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters."}], "lastModified": "2024-02-02T14:00:54.823", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:invisible-island:lynx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678A8E2F-E386-4534-85A0-DEDC96407237", "versionEndIncluding": "2.8.6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "security@debian.org"}