CVE-2004-1617

Name of the Vulnerable Software and Affected Versions Lynx, lynx-ssl, and lynx-cur versions prior to 2.8.6dev.8

Description The issue allows remote attackers to cause a denial of service, potentially leading to disruption of confidentiality, integrity, and availability of protected information. This can be triggered by a web page or HTML email containing invalid HTML, including a TEXTAREA tag with a large COLS value. The exploitation of this issue can be performed remotely.

Recommendations For versions prior to 2.8.6dev.8, update to version 2.8.6dev.8 or later to resolve the issue. As a temporary workaround, consider restricting access to web pages or HTML emails that may contain invalid HTML until a patch is available.