CVE-1999-1549

Name of the Vulnerable Software and Affected Versions: Lynx versions 2.x

Description: The issue arises from Lynx not properly distinguishing between internal and external HTML. This may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.

Recommendations: For Lynx versions 2.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.