FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

elinks -- buffer overflow vulnerability

Affected packages
elinks < 0.11.4

Details

VuXML ID 2544f543-c178-11de-b175-001cc0377035
Discovery 2006-07-29
Entry 2009-10-25

SecurityFocus reports:

ELinks is prone to an off-by-one buffer-overflow vulnerability because the application fails to accurately reference the last element of a buffer.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

[source]

References

Bugtraq ID 36574
CVE Name CVE-2008-7224
Message 20080204235429.GA28006@diku.dk
URL http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.