+++ This bug was initially created as a clone of Bug #152832 +++

04.42.20 CVE: Not Available
Platform: Cross Platform
Title: Lynx Malformed HTML Infinite Loop Denial of Service
Description: The Lynx web browser is vulnerable to a denial of service
condition while handling certain malformed HTML pages. This issue
sends the software into an infinite loop, consuming CPU resources for
the system.
Ref: http://www.securityfocus.com/archive/1/378632



------- Additional Comments From jpdalbec 2004-12-08 10:23:17 ----

backtrace:
#0  0x4207a7eb in chunk_alloc () from /lib/i686/libc.so.6
#1  0x4207a158 in malloc () from /lib/i686/libc.so.6
#2  0x08057c22 in mem_is_avail ()
#3  0x08057c6d in LY_check_calloc ()
#4  0x0805a208 in split_line ()
#5  0x0805c46d in HText_appendCharacter ()
#6  0x0809d9a5 in HTML_put_character ()
#7  0x080ac491 in HTML_end_element ()
#8  0x080e1ade in SGML_free ()
#9  0x080f30ce in HTMIME_free ()
#10 0x080d3906 in HTLoadHTTP ()
#11 0x080cfcf3 in HTLoad ()
#12 0x080d00f6 in HTLoadDocument ()
#13 0x080d0626 in HTLoadAbsolute ()
#14 0x0806ae79 in getfile ()
#15 0x08078bbe in mainloop ()
#16 0x0806da93 in main ()
#17 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6




------- Additional Comments From pekkas 2005-02-15 06:56:02 ----

FWIW, Red Hat has not released updates to this.



------- Bug moved to this database by dkl 2005-03-30 18:29 -------

This bug previously known as bug 2215 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2215
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P3. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Unknown severity minor. Setting to default severity "normal".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.