Links: Denial of Service — GLSA 201402-11

An integer overflow in Links might allow remote attackers to cause a Denial of Service condition.

Affected Packages

www-client/links on all architectures
Affected versions < 2.8-r1
Unaffected versions >= 2.8-r1

Background

Links is a web browser which runs in both graphics and text modes.

Description

An integer overflow vulnerability was found in the parsing of HTML tables in the Links web browser when running in graphical mode.

Impact

A remote attacker could possibly cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Links users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/links-2.8-r1"
 

References

Release Date
February 07, 2014

Latest Revision
February 07, 2014: 1

Severity
normal

Exploitable
remote

Bugzilla entries