CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9626
https://notcve.org/view.php?id=CVE-2016-9626
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. Vulnerabilidad de recursión infinita en w3m permite a atacantes remotos provocar una denegación de servicio a través de una página HTML manipulada. • http://www.openwall.com/lists/oss-security/2016/11/24/1 https://github.com/tats/w3m/blob/master/ChangeLog https://github.com/tats/w3m/issues/37 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2002-1348
https://notcve.org/view.php?id=CVE-2002-1348
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. w3m anteriores a 0.3.2.2 no escapan adecuadamente las etiquetas HTML en el atributo ALT de una etiqueta IMG, lo que podría permitir a atacantes remotos acceder ficheros o cookies • http://marc.info/?l=bugtraq&m=104552193927323&w=2 http://sourceforge.net/project/shownotes.php?release_id=126233 http://www.debian.org/security/2003/dsa-249 http://www.debian.org/security/2003/dsa-250 http://www.debian.org/security/2003/dsa-251 http://www.iss.net/security_center/static/11266.php http://www.redhat.com/support/errata/RHSA-2003-044.html http://www.redhat.com/support/errata/RHSA-2003-045.html http://www.securityfocus.com/bid/6794 https://access •
CVSS: 7.5EPSS: 23%CPEs: 9EXPL: 2CVE-2001-0700 – W3M 0.1/0.2 - Malformed MIME Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0700
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header. • https://www.exploit-db.com/exploits/20941 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000434 http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html http://www.debian.org/security/2001/dsa-064 http://www.debian.org/security/2001/dsa-081 http://www.securityfocus.com/archive/1/192371 http://www.securityfocus.com/bid/2895 https://exchange.xforce.ibmcloud.com/vulnerabilities/6725 •