Use After Free Vulnerability in Lynx HTML Parser Allows Memory Disclosure

Use After Free Vulnerability in Lynx HTML Parser Allows Memory Disclosure

CVE-2017-1000211 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

Learn more about our Web Application Penetration Testing UK.