CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-4255 – W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
https://notcve.org/view.php?id=CVE-2023-4255
21 Dec 2023 — An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. Se descubrió un problema de escritura fuera de los límites en el manejo de retroceso de la función checkType() en etc.c dentro de la aplicación W3M. Esta vulnerabilidad se a... • https://bugzilla.redhat.com/show_bug.cgi?id=2255207 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-38253 – W3m: out of bounds read in growbuf_to_str() at w3m/indep.c
https://notcve.org/view.php?id=CVE-2023-38253
14 Jul 2023 — An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. • https://access.redhat.com/security/cve/CVE-2023-38253 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-38252 – W3m: out of bounds read in strnew_size() at w3m/str.c
https://notcve.org/view.php?id=CVE-2023-38252
14 Jul 2023 — An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. • https://access.redhat.com/security/cve/CVE-2023-38252 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38223 – Ubuntu Security Notice USN-5796-2
https://notcve.org/view.php?id=CVE-2022-38223
15 Aug 2022 — There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. Se presenta una escritura fuera de límites en checkType ubicada en etc.c en w3m 0.5.3. Puede desencadenarse mediante el envío de un archivo HTML diseñado al binario de w3m. • https://github.com/tats/w3m/issues/242 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6196 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6196
25 Jan 2018 — w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. w3m hasta la versión 0.5.3 es propenso a un error de recursión infinita en HTMLlineproc0 debido a que la función feed_table_block_tag en table.c no evita un valor negativo de sangría. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that w3m incorrectly handled cer... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6197 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6197
25 Jan 2018 — w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. w3m hasta la versión 0.5.3 es propenso a un error de desreferencia de puntero NULL en formUpdateBuffer en form.c. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6198 – Ubuntu Security Notice USN-3555-2
https://notcve.org/view.php?id=CVE-2018-6198
25 Jan 2018 — w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. w3m hasta la versión 0.5.3 no gestiona correctamente los archivos temporales cuando no se puede escribir en el directorio ~/.w3m, lo que permite que un atacante local cree un ataque symlink para sobrescribir archivos arbitrarios. USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubunt... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9435 – Gentoo Linux Security Advisory 201701-08
https://notcve.org/view.php?id=CVE-2016-9435
02 Jan 2017 — The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9436 – Gentoo Linux Security Advisory 201701-08
https://notcve.org/view.php?id=CVE-2016-9436
02 Jan 2017 — parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag. parsetagx.c en w3m en versiones anteriores a 0.5.3+git20161009 no inicia valores adecuadamente, lo que permite a atacantes remotos bloquear la aplicación a través de un archivo html manipulado, relacionado con una etiqueta . A large number of security issues were discovered in the w3m browser. If a user were tricked into... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9622 – Ubuntu Security Notice USN-3214-1
https://notcve.org/view.php?id=CVE-2016-9622
12 Dec 2016 — An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. Se descubrió un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegación de servicio (error de segmentación y caída) a través de una página HTML manipulada. A large number of security issues were discovered in the w3m browser. If a user were tr... • http://www.openwall.com/lists/oss-security/2016/11/24/1 • CWE-476: NULL Pointer Dereference •