Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w3m vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1348
w3m prior to 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote malicious users to access files or cookies.
W3m W3m 0.2.1
W3m W3m 0.2.2
W3m W3m 0.3.2
W3m W3m 0.3.2.1
W3m W3m 0.3.2.2
W3m W3m 0.2.5
W3m W3m 0.2.5.1
W3m W3m 0.2.3
W3m W3m 0.2.4
W3m W3m 0.2
W3m W3m 0.3
W3m W3m 0.3.1
NA
CVE-2001-0700
Buffer overflow in w3m 0.2.1 and previous versions allows a remote malicious user to execute arbitrary code via a long base64 encoded MIME header.
W3m W3m 0.1.8
W3m W3m 0.1.9
W3m W3m 0.1.10
W3m W3m 0.2
W3m W3m
W3m W3m 0.1.3
W3m W3m 0.1.4
W3m W3m 0.1.6
W3m W3m 0.1.7
1 EDB exploit
NA
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m prior to 0.5.2, when run with the dump or backend option, allows remote malicious users to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated w...
W3m W3m 0.5.1
NA
CVE-2010-2074
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the...
W3m W3m 0.5.2
NA
CVE-2002-1335
Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote malicious users to insert arbitrary web script or HTML and access files or cookies.
W3m W3m 0.3.2
5.5
CVSSv3
CVE-2023-4255
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to applic...
Tats W3m 0.5.3\\+git20230129
Tats W3m 0.5.3\\+git20230121-1
Tats W3m 0.5.3\\+git20230121-2
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2016-9633
An issue exists in the Tatsuya Kinoshita w3m fork prior to 0.5.3-33. w3m allows remote malicious users to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
Tats W3m
7.8
CVSSv3
CVE-2022-38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an malicious user to cause Denial of Service or possibly have unspecified other impact.
Tats W3m 0.5.3
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2023-38252
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an malicious user to cause a denial of service through a crafted HTML file.
Tats W3m 0.5.3\\+git20230121
Redhat Enterprise Linux 6.0
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-38253
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an malicious user to cause a denial of service through a crafted HTML file.
Tats W3m 0.5.3\\+git20230121
Redhat Enterprise Linux 6.0
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »