CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9625
https://notcve.org/view.php?id=CVE-2016-9625
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. Vulnerabilidad de recursión infinita en w3m permite a atacantes remotos provocar una denegación de servicio a través de una página HTML manipulada. • http://www.openwall.com/lists/oss-security/2016/11/24/1 https://github.com/tats/w3m/blob/master/ChangeLog https://github.com/tats/w3m/issues/36 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 23%CPEs: 9EXPL: 2CVE-2001-0700 – W3M 0.1/0.2 - Malformed MIME Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0700
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header. • https://www.exploit-db.com/exploits/20941 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000434 http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html http://www.debian.org/security/2001/dsa-064 http://www.debian.org/security/2001/dsa-081 http://www.securityfocus.com/archive/1/192371 http://www.securityfocus.com/bid/2895 https://exchange.xforce.ibmcloud.com/vulnerabilities/6725 •