Published: 12/12/2016 Updated: 13/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in the Tatsuya Kinoshita w3m fork prior to 0.5.3-33. w3m allows remote malicious users to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Affected Products

Vendor Product Versions
W3m ProjectW3m0.5.3-32

Vendor Advisories

An issue was discovered in the Tatsuya Kinoshita w3m fork before 053-33 w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page ...
Debian Bug report logs - #844726 w3m: CVE-2016-9439: stack overflow Package: src:w3m; Maintainer for src:w3m is Tatsuya Kinoshita <tats@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 18 Nov 2016 13:39:01 UTC Severity: normal Tags: patch, security, upstream Found in version w3m/053-8 ...
Several security issues were fixed in w3m ...
Oracle Solaris Third Party Bulletin - October 2016 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Up ...

Github Repositories

afl-cve A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz) Introduction afl-cve is a collection of known vulnerabilities that can be attributed to the AFL fuzzer afl-fuzz All vulnerabilities in this list either already have a CVE assigned, or a CVE has been requested from a CVE Numbering Authority Why is This Necessary? Because CVE descriptions are not ge