CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6197 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6197
25 Jan 2018 — w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. w3m hasta la versión 0.5.3 es propenso a un error de desreferencia de puntero NULL en formUpdateBuffer en form.c. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6198 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6198
25 Jan 2018 — w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. w3m hasta la versión 0.5.3 no gestiona correctamente los archivos temporales cuando no se puede escribir en el directorio ~/.w3m, lo que permite que un atacante local cree un ataque symlink para sobrescribir archivos arbitrarios. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubunt... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2018-6196 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6196
25 Jan 2018 — w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. w3m hasta la versión 0.5.3 es propenso a un error de recursión infinita en HTMLlineproc0 debido a que la función feed_table_block_tag en table.c no evita un valor negativo de sangría. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that w3m incorrectly handled cer... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9436 – Gentoo Linux Security Advisory 201701-08
https://notcve.org/view.php?id=CVE-2016-9436
02 Jan 2017 — parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag. parsetagx.c en w3m en versiones anteriores a 0.5.3+git20161009 no inicia valores adecuadamente, lo que permite a atacantes remotos bloquear la aplicación a través de un archivo html manipulado, relacionado con una etiqueta . A large number of security issues were discovered in the w3m browser. If a user were tricked into... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9435 – Gentoo Linux Security Advisory 201701-08
https://notcve.org/view.php?id=CVE-2016-9435
02 Jan 2017 — The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9628 – Ubuntu Security Notice USN-3214-1
https://notcve.org/view.php?id=CVE-2016-9628
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegación de servicio (error de segmentación y caída) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. If a user were tr... • http://www.openwall.com/lists/oss-security/2016/11/24/1 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9632 – Ubuntu Security Notice USN-3214-1
https://notcve.org/view.php?id=CVE-2016-9632
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegación de servicio (desbordamiento global del búfer y caída) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. If ... • http://www.openwall.com/lists/oss-security/2016/11/24/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9624 – Ubuntu Security Notice USN-3214-1
https://notcve.org/view.php?id=CVE-2016-9624
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegación de servicio (error de segmentación y caída) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. If a user were tr... • http://www.openwall.com/lists/oss-security/2016/11/24/1 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9633 – Ubuntu Security Notice USN-3214-1
https://notcve.org/view.php?id=CVE-2016-9633
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegación de servicio (bucle infinito y consumo de recursos) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. ... • http://www.openwall.com/lists/oss-security/2016/11/24/1 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9433 – Gentoo Linux Security Advisory 201701-08
https://notcve.org/view.php?id=CVE-2016-9433
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-31. w3m permite a atacantes remotos provocar una denegación de servicio (acceso al array fuera de los límites) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. If a user we... • http://www.openwall.com/lists/oss-security/2016/11/18/3 • CWE-125: Out-of-bounds Read •