w3m -- buffer overflow

ID DSA-064
Type debian
Reporter Debian
Modified 2001-06-21T00:00:00


SecureNet Service reported that w3m (a console web browser) has a buffer overflow in its MIME header parsing code. This could be exploited by an attacker if by making a web-server a user visits return carefully crafted MIME headers.

This has been fixed in version 0.1.10+0.1.11pre+kokb23-4, and we recommend that you upgrade your w3m package.