Launchpad.net

CVE 2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value.

Related bugs and status

CVE-2004-1617 (Candidate) is related to these bugs:

Bug #27253: Lynx cannot access www.google.com (400 error)

Summary				In	Importance	Status
	27253	Lynx cannot access www.google.com (400 error)		lynx (Ubuntu)	High	Fix Released
	27253	Lynx cannot access www.google.com (400 error)		lynx (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20041018 Web browsers ...
MISC: http://lcamtuf.coredum...
BID: 11443
SECTRACK: 1011809
DEBIAN: DSA-1077
DEBIAN: DSA-1076
DEBIAN: DSA-1085
SECUNIA: 20383
BUGTRAQ: 20041018 Web browsers ...
XF: lynx-dos(17804)
BUGTRAQ: 20060602 Re: [SECURITY...