PT-2016-7747 · W3M+2 · W3M+2
Kcwu
·
Published
2016-12-11
·
Updated
2023-12-29
·
CVE-2016-9429
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
w3m versions prior to 0.5.3-31
Description
An issue in the w3m fork allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted HTML page. This is due to a buffer overflow in the
formUpdateBuffer function.Recommendations
For versions prior to 0.5.3-31, update to version 0.5.3-31 or later to resolve the issue. As a temporary workaround, consider restricting access to HTML pages from untrusted sources until the update is applied.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Ubuntu
W3M