4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
70.8%
CentOS Errata and Security Advisory CESA-2007:0208
w3c-libwww is a general-purpose web library.
Several buffer overflow flaws in w3c-libwww were found. If a client
application that uses w3c-libwww connected to a malicious HTTP server, it
could trigger an out of bounds memory access, causing the client
application to crash (CVE-2005-3183).
This updated version of w3c-libwww also fixes an issue when computing MD5
sums on a 64 bit machine.
Users of w3c-libwww should upgrade to these updated packages, which contain
backported patches to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075873.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075893.html
Affected packages:
w3c-libwww
w3c-libwww-apps
w3c-libwww-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0208
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | w3c-libwww | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm |
CentOS | 4 | ia64 | w3c-libwww-apps | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm |
CentOS | 4 | ia64 | w3c-libwww-devel | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm |
CentOS | 4 | s390 | w3c-libwww | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm |
CentOS | 4 | s390 | w3c-libwww-apps | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390.rpm |
CentOS | 4 | s390 | w3c-libwww-devel | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390.rpm |
CentOS | 4 | s390x | w3c-libwww | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-5.4.0-10.1.RHEL4.2.s390x.rpm |
CentOS | 4 | s390x | w3c-libwww-apps | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390x.rpm |
CentOS | 4 | s390x | w3c-libwww-devel | < 5.4.0-10.1.RHEL4.2 | w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390x.rpm |