Product:

W3m

(Tats)
Repositories https://github.com/tats/w3m
#Vulnerabilities 40
Date Id Summary Products Score Patch Annotated
2016-12-12 CVE-2016-9629 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. W3m 6.5
2016-12-12 CVE-2016-9630 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. W3m 6.5
2016-12-12 CVE-2016-9631 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. W3m 6.5
2016-12-12 CVE-2016-9632 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. W3m 6.5
2016-12-12 CVE-2016-9633 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page. W3m 6.5
2017-01-20 CVE-2016-9435 The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. Leap, Leap, W3m 6.5
2017-01-20 CVE-2016-9436 parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. Leap, Leap, W3m 6.5
2018-01-25 CVE-2018-6196 w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. Ubuntu_linux, W3m 7.5
2018-01-25 CVE-2018-6197 w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. Ubuntu_linux, W3m 7.5
2018-01-25 CVE-2018-6198 w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. Ubuntu_linux, W3m 4.7