Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1549


Vulnerability Score 5.0 5.0
CVE Id CVE-1999-1549
Last Modified 05 Sep 2008 04:19:47
Published 16 Nov 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.

Vulnerable Systems


  • University Of Kansas Lynx 2.7

  • University Of Kansas Lynx 2.8


BID - 804

BUGTRAQ - 19991116 lynx 2.8.x - 'special URLs' anti-spoofing protection is weak

Last Updated: 27 May 2016 10:35:29