CVE-2012-5821
Description
Lynx does not verify that the servers certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.237
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Text-mode WWW Browser with NLS support (USN-1642-1) lynx-cur_2.8.8dev.9-2ubuntu0.12.04.1_i386.deb | Linux |
| Text-mode WWW Browser with NLS support (USN-1642-1) lynx-cur_2.8.8dev.9-2ubuntu0.12.04.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234