CVE-2002-1405

Published Feb 19, 2003

Last updated 8 years ago

Overview

Description: CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:elinks:elinks:0.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC9B529C-E151-4468-844A-EF9446175D81"
          },
          {
            "criteria": "cpe:2.3:a:elinks:elinks:0.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7DC0333-37D1-40B5-821A-839C1817DA4B"
          },
          {
            "criteria": "cpe:2.3:a:links:links:0.96:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9711D879-CD97-487D-9DC1-5B26145874C8"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.2_rel1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0387441-C971-487A-8379-1F2B91CD6EC9"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DA626DE-D9B2-4764-80AA-7D4F499184F4"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.3_rel1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7680912-C6C7-44BD-AD1B-0828E4F03482"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6033263D-6B30-4002-B9F5-4062FD09B815"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.4_rel1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCD15F97-2B1A-4C28-B5BC-6B6A6E389831"
          },
          {
            "criteria": "cpe:2.3:a:university_of_kansas:lynx:2.8.5_dev8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79AB7C16-A5E4-4D7F-B879-5E13917449C3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References