PT-2004-3700 · Lynx+2 · Lynx+2

Mark J. Cox +1 · Published 1970-01-01 · Updated 2024-02-02 · CVE-2005-3120

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Lynx versions 2.8.6 and earlier

Description

The issue is related to multiple vulnerabilities in the Lynx package, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, a stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Recommendations

For versions 2.8.6 and earlier, consider disabling the HTrjis function as a temporary workaround until a patch is available. Restrict access to NNTP servers to minimize the risk of exploitation. Avoid using article headers containing Asian characters in the affected Lynx versions until the issue is resolved.

Exploit

Fix

RCE

Weakness Enumeration

Related identifiers

ALT-PU-2018-1970
BDU:2015-02648
BDU:2015-04083
BDU:2015-04084
CVE-2005-3120
DSA-1085-1
DSA-874-1
DSA-876-1
RHSA-2005:803
RHSA-2005_803

Affected products

Alt Linux
Lynx
Red Hat