Unrated severityNVD Advisory· Published Dec 27, 2006· Updated Jun 16, 2026
CVE-2006-6772
CVE-2006-6772
Description
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
22- secunia.com/advisories/23492nvdVendor Advisory
- secunia.com/advisories/23588nvdVendor Advisory
- secunia.com/advisories/23717nvdVendor Advisory
- secunia.com/advisories/23773nvdVendor Advisory
- secunia.com/advisories/23792nvdVendor Advisory
- www.vupen.com/english/advisories/2006/5164nvdVendor Advisory
- fedoranews.org/cms/node/2415nvd
- fedoranews.org/cms/node/2416nvd
- lists.grok.org.uk/pipermail/full-disclosure/2006-December/051457.htmlnvd
- security.gentoo.org/glsa/glsa-200701-06.xmlnvd
- securitytracker.com/idnvd
- sourceforge.net/tracker/index.phpnvd
- w3m.cvs.sourceforge.net/%2Acheckout%2A/w3m/w3m/NEWSnvd
- w3m.cvs.sourceforge.net/w3m/w3m/file.cnvd
- w3m.cvs.sourceforge.net/w3m/w3m/file.cnvd
- www.novell.com/linux/security/advisories/2007_05_w3m.htmlnvd
- www.openpkg.com/security/advisories/OpenPKG-SA-2006.044.htmlnvd
- www.securityfocus.com/bid/21735nvd
- www.securityfocus.com/bid/24332nvd
- www.ubuntu.com/usn/usn-399-1nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/31114nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34821nvd
News mentions
0No linked articles in our index yet.