Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-38223HistoryAug 15, 2022 - 11:21 a.m.
CVE-2022-38223
2022-08-1511:21:43
Debian Security Bug Tracker
security-tracker.debian.org
19
vulnerability
out-of-bounds write
w3m 0.5.3
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.3%
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | w3m | < 0.5.3+git20230121-1 | w3m_0.5.3+git20230121-1_all.deb |
| Debian | 11 | all | w3m | < 0.5.3+git20210102-6+deb11u1 | w3m_0.5.3+git20210102-6+deb11u1_all.deb |
| Debian | 999 | all | w3m | < 0.5.3+git20230121-1 | w3m_0.5.3+git20230121-1_all.deb |
| Debian | 13 | all | w3m | < 0.5.3+git20230121-1 | w3m_0.5.3+git20230121-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2022-08-15 11:21:00
osv
osv
w3m - security update
2023-08-24 00:00:00
w3m vulnerability
2023-01-09 13:17:38
w3m vulnerability
2023-01-10 12:17:15
cvelist
cvelist
CVE-2022-38223
2022-08-15 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : w3m vulnerability (USN-5796-1)
2023-01-09 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : w3m (SUSE-SU-2023:0065-1)
2023-01-12 00:00:00
Fedora 36 : w3m (2022-ce04ff8b49)
2023-01-01 00:00:00
ubuntu
ubuntu
w3m vulnerability
2023-01-10 00:00:00
w3m vulnerability
2023-01-09 00:00:00
mageia
mageia
Updated w3m packages fix security vulnerability
2023-01-13 20:37:09
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0006)
2023-03-28 00:00:00
Ubuntu: Security Advisory (USN-5796-2)
2023-01-11 00:00:00
Fedora: Security Advisory for w3m (FEDORA-2022-7d2f942be2)
2023-01-09 00:00:00
debian
debian
[SECURITY] [DLA 3541-1] w3m security update
2023-08-24 11:48:38
nvd
nvd
CVE-2022-38223
2022-08-15 11:21:43
alpinelinux
alpinelinux
CVE-2022-38223
2022-08-15 11:21:43
fedora
fedora
[SECURITY] Fedora 36 Update: w3m-0.5.3-58.git20220429.fc36
2023-01-01 01:07:32
[SECURITY] Fedora 37 Update: w3m-0.5.3-58.git20220429.fc37
2023-01-01 01:38:50
[SECURITY] Fedora 39 Update: w3m-0.5.3-63.git20230121.fc39
2024-03-27 01:27:33
redhatcve
redhatcve
CVE-2022-38223
2022-09-13 12:54:22
cve
cve
CVE-2022-38223
2022-08-15 11:21:43
CVE-2023-4255
2023-12-21 16:15:10
veracode
veracode
Out-of-Bounds Write
2023-01-17 18:58:30
ubuntucve
ubuntucve
CVE-2022-38223
2022-08-15 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.3%
Related for DEBIANCVE:CVE-2022-38223