Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w3m w3m vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1348
w3m prior to 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote malicious users to access files or cookies.
W3m W3m 0.2.1
W3m W3m 0.2.2
W3m W3m 0.3.2
W3m W3m 0.3.2.1
W3m W3m 0.3.2.2
W3m W3m 0.2.5
W3m W3m 0.2.5.1
W3m W3m 0.2.3
W3m W3m 0.2.4
W3m W3m 0.2
W3m W3m 0.3
W3m W3m 0.3.1
7.5
CVSSv2
CVE-2001-0700
Buffer overflow in w3m 0.2.1 and previous versions allows a remote malicious user to execute arbitrary code via a long base64 encoded MIME header.
W3m W3m 0.1.8
W3m W3m 0.1.9
W3m W3m 0.1.10
W3m W3m 0.2
W3m W3m
W3m W3m 0.1.3
W3m W3m 0.1.4
W3m W3m 0.1.6
W3m W3m 0.1.7
1 EDB exploit
6.8
CVSSv2
CVE-2010-2074
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the...
W3m W3m 0.5.2
9.3
CVSSv2
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m prior to 0.5.2, when run with the dump or backend option, allows remote malicious users to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated w...
W3m W3m 0.5.1
4.3
CVSSv2
CVE-2002-1335
Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote malicious users to insert arbitrary web script or HTML and access files or cookies.
W3m W3m 0.3.2
NA
CVE-2023-4255
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to applic...
Tats W3m 0.5.3\\+git20230129
Tats W3m 0.5.3\\+git20230121-1
Tats W3m 0.5.3\\+git20230121-2
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 39
4.3
CVSSv2
CVE-2016-9633
An issue exists in the Tatsuya Kinoshita w3m fork prior to 0.5.3-33. w3m allows remote malicious users to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
Tats W3m
NA
CVE-2022-38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an malicious user to cause Denial of Service or possibly have unspecified other impact.
Tats W3m 0.5.3
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5
CVSSv2
CVE-2018-6196
w3m up to and including 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
Tats W3m
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-6197
w3m up to and including 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
Tats W3m
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »