rpm package
suse/w3m&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/w3m&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9437 | Med | 6.5 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page. | |
| CVE-2016-9434 | Med | 6.5 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |
| CVE-2016-9425 | Hig | 8.8 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |
| CVE-2016-9424 | Hig | 8.8 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page | |
| CVE-2016-9423 | Hig | 8.8 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |
| CVE-2016-9422 | Hig | 8.8 | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arb | |
| CVE-2010-2074 | — | < 0.5.3.git20161120-4.1 | 0.5.3.git20161120-4.1 | Jun 16, 2010 | istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attacke |
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arb
- CVE-2010-2074Jun 16, 2010affected < 0.5.3.git20161120-4.1fixed 0.5.3.git20161120-4.1
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attacke
Page 2 of 2