Page 8 of 37 results (0.020 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-9626

https://notcve.org/view.php?id=CVE-2016-9626

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. Vulnerabilidad de recursión infinita en w3m permite a atacantes remotos provocar una denegación de servicio a través de una página HTML manipulada. • http://www.openwall.com/lists/oss-security/2016/11/24/1 https://github.com/tats/w3m/blob/master/ChangeLog https://github.com/tats/w3m/issues/37 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 15%CPEs: 1EXPL: 0

CVE-2006-6772

https://notcve.org/view.php?id=CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL. Vulnerabilidad de cadena de formato en la función inputAnswer en file.c de w3m 0.5.2, cuando se ejecuta con la opción de volcado (dump) o backend, permite a atacantes remotos ejecutar código de su elección mediante especificadores de cadena de formato en el campo Nombre Común (Common Name o CN) de un certificado SSL. • http://fedoranews.org/cms/node/2415 http://fedoranews.org/cms/node/2416 http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051457.html http://secunia.com/advisories/23492 http://secunia.com/advisories/23588 http://secunia.com/advisories/23717 http://secunia.com/advisories/23773 http://secunia.com/advisories/23792 http://security.gentoo.org/glsa/glsa-200701-06.xml http://securitytracker.com/id?1017440 http://sourceforge.net/tracker/index.php?func=detail&aid=16 • CWE-134: Use of Externally-Controlled Format String •