VYPR

rpm package

opensuse/w3m&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/w3m&distro=openSUSE%20Tumbleweed

Vulnerabilities (31)

  • CVE-2016-9443MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9442MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.

  • CVE-2016-9441MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9440MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9439MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

  • CVE-2016-9438MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9437MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.

  • CVE-2016-9434MedDec 12, 2016
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2012-4929Sep 15, 2012
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing

  • CVE-2010-2074Jun 16, 2010
    affected < 0.5.3.git20161120-1.1fixed 0.5.3.git20161120-1.1

    istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attacke

  • CVE-2006-6772Dec 27, 2006
    affected < 0.5.3+git20180125-1.14fixed 0.5.3+git20180125-1.14

    Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an h

Page 2 of 2