CVE-2010-2810

Public Date:
2010-08-05
CWE:
CWE-122
Bugzilla:
630677: CVE-2010-2810 Lynx: Heap-based buffer overflow by processing URLs with % (percent) character in the domain name

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name.

Find out more about CVE-2010-2810 from the MITRE CVE dictionary dictionary and NIST NVD.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 lynx Not affected
Red Hat Enterprise Linux 5 lynx Not affected
Red Hat Enterprise Linux 4 lynx Not affected
Red Hat Enterprise Linux 3 lynx Not affected

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.