Published: 25/01/2018 Updated: 29/12/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

w3m up to and including 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tats w3m
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04
canonical ubuntu linux 17.10

Debian Bug report logs - #888097 w3m: CVE-2018-6198: insecure temporary files creation when ~/w3m is unwritable Package: w3m; Maintainer for w3m is Tatsuya Kinoshita <tats@debianorg>; Source for w3m is src:w3m (PTS, buildd, popcon) Reported by: Tatsuya Kinoshita <tats@debianorg> Date: Tue, 23 Jan 2018 10:18:02 UTC ...

Several security issues were fixed in w3m ...

w3m through 053 is prone to a NULL pointer dereference flaw in formUpdateBuffer in formc ...

CWE-476 https://github.com/tats/w3m/issues/89 https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8 http://www.securityfocus.com/bid/102846 https://usn.ubuntu.com/3555-2/https://usn.ubuntu.com/3555-1/http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html https://lists.debian.org/debian-lts-announce/2020/04/msg00025.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888097 https://nvd.nist.gov https://usn.ubuntu.com/3555-2/

CVE-2018-6197

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect