CVE-2016-9435

Published: 20/01/2017 Updated: 29/12/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The HTMLtagproc1 function in file.c in w3m prior to 0.5.3+git20161009 does not properly initialize values, which allows remote malicious users to crash the application via a crafted html file, related to <dd> tags.

Vulnerable Product

opensuse project leap 42.1

opensuse leap 42.2

tats w3m

Vendor Advisories

Debian Bug report logs - #844726 w3m: CVE-2016-9439: stack overflow Package: src:w3m; Maintainer for src:w3m is Tatsuya Kinoshita <tats@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 18 Nov 2016 13:39:01 UTC Severity: normal Tags: patch, security, upstream Found in version w3m/0.5.3-8 ...
Several security issues were fixed in w3m ...
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags ...
Multiple issues have been discovered related to uninitialized values for <i> and <dd> HTML elements. A missing PUSH_ENV(HTML_DL) call is leading to a conditional jump or move depending on an uninitialized value resulting in a stack overflow vulnerability ...