Ubuntu Security Notice 851-1 - Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs. If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program. Jakub Wilk discovered a logic error in Elinks, leading to a buffer overflow. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
e385b5ee805aa042cb99249b4cb78fb23686a76ab8c16f9c3744e2d076a8fa2c
Debian Linux Security Advisory 1902-1 - Jakub Wilk discovered an off-by-one buffer overflow in the charset handling of elinks, a feature-rich text-mode WWW browser, which might lead to the execution of arbitrary code if the user is tricked into opening a malformed HTML page.
ab7558152f5769f58108096bfa6867cd768f8341b75249edf1024cce548af1f2