October 5, 2009

Red Hat Security Advisory 2009:1471-1: Important: elinks security update

Article Source Red Hat Security Updates

An updated elinks package that fixes two security issues is now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

ELinks is a text-based Web browser. ELinks does not display any images, but it does support frames, tables, and most other HTML tags.

An off-by-one buffer overflow flaw was discovered in the way ELinks handled its internal cache of string representations for HTML special entities. A remote attacker could use this flaw to create a specially-crafted HTML file
that would cause ELinks to crash or, possibly, execute arbitrary code when rendered. (CVE-2008-7224)...

Read More

Click Here!