CVE-2005-3120
CRITICALLynx <2.8.6 - Buffer Overflow
Title source: llmDescription
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Ulf Harnhammar · perldosmultiple
https://www.exploit-db.com/exploits/1256
github
NO CODE
by gitcollect · cpoc
https://github.com/gitcollect/CVE_Exploits/tree/master/cve-2005-3120
References (35)
... and 15 more
Scores
CVSS v3
9.8
EPSS
0.3044
EPSS Percentile
96.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-131
Status
published
Products (3)
debian/debian_linux
3.0
debian/debian_linux
3.1
invisible-island/lynx
< 2.8.6
Published
Oct 17, 2005
Tracked Since
Feb 18, 2026