Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-6772HistoryDec 27, 2006 - 11:28 p.m.
CVE-2006-6772
2006-12-2723:28:00
Debian Security Bug Tracker
security-tracker.debian.org
7
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.127 Low
EPSS
Percentile
95.5%
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | w3m | < 0.5.1-5.1 | w3m_0.5.1-5.1_all.deb |
| Debian | 11 | all | w3m | < 0.5.1-5.1 | w3m_0.5.1-5.1_all.deb |
| Debian | 999 | all | w3m | < 0.5.1-5.1 | w3m_0.5.1-5.1_all.deb |
| Debian | 13 | all | w3m | < 0.5.1-5.1 | w3m_0.5.1-5.1_all.deb |
Related
freebsd
freebsd
w3m -- format string vulnerability
2006-12-10 00:00:00
nessus
nessus
FreeBSD : w3m -- format string vulnerability (9347d82d-9a66-11db-b271-000e35248ad7)
2007-01-08 00:00:00
Fedora Core 5 : w3m-0.5.1-15.fc5 (2007-078)
2007-01-17 00:00:00
Ubuntu 5.10 / 6.06 LTS / 6.10 : w3m vulnerabilities (USN-399-1)
2007-11-10 00:00:00
openvas
openvas
Fedora Update for w3m FEDORA-2007-078
2009-02-27 00:00:00
SuSE Update for w3m SUSE-SA:2007:005
2009-01-28 00:00:00
Fedora Update for w3m FEDORA-2007-077
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: w3m-0.5.1-15.fc5
2007-01-15 16:26:29
suse
suse
remote denial of service, remote code execution in w3m
2007-01-10 17:11:58
cve
cve
CVE-2006-6772
2006-12-27 23:28:00
CVE-2007-3125
2007-06-07 22:30:00
cvelist
cvelist
CVE-2006-6772
2006-12-27 23:00:00
nvd
nvd
CVE-2006-6772
2006-12-27 23:28:00
CVE-2007-3125
2007-06-07 22:30:00
gentoo
gentoo
w3m: Format string vulnerability
2007-01-12 00:00:00
ubuntucve
ubuntucve
CVE-2006-6772
2006-12-27 00:00:00
prion
prion
Design/Logic Flaw
2007-06-07 22:30:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.127 Low
EPSS
Percentile
95.5%
Related for DEBIANCVE:CVE-2006-6772