VYPR

rpm package

suse/w3m&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

pkg:rpm/suse/w3m&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Vulnerabilities (27)

  • CVE-2016-9437MedDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.

  • CVE-2016-9434MedDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9425HigDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.

  • CVE-2016-9424HigDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page

  • CVE-2016-9423HigDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.

  • CVE-2016-9422HigDec 12, 2016
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arb

  • CVE-2010-2074Jun 16, 2010
    affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1

    istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attacke

Page 2 of 2