VYPR
High severity7.8NVD Advisory· Published Nov 16, 1999· Updated Jun 16, 2026

CVE-1999-1549

CVE-1999-1549

Description

Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Lynx/Lynx3 versions
    cpe:2.3:a:lynx_project:lynx:2.7:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:lynx_project:lynx:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:lynx_project:lynx:2.8:*:*:*:*:*:*:*
    • (no CPE)range: 2.x

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.