elinks

Page content
  • Author: voroskoi
  • Vulnerable: 0.11.2-1
  • Unaffected: 0.11.2-2terminus1

Arnaud Giersch has reported a weakness in ELinks, which potentially can be exploited by malicious, local users to gain escalated privileges. The weakness is caused due to the “add_filename_to_string()” function in src/intl/gettext/loadmsgcat.c reading gettext catalogs from potentially untrusted paths. This can be exploited to execute arbitrary code with escalated privileges by enticing another user to run ELinks in a specially prepared directory environment.

CVEs: