Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201701-08
HistoryJan 01, 2017 - 12:00 a.m.

w3m: Multiple vulnerabilities

2017-01-0100:00:00
Gentoo Foundation
security.gentoo.org
20

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON

Background

w3m is a text based WWW browser.

Description

Multiple vulnerabilities have been discovered in w3m. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could execute arbitrary code with the privileges of the process or cause a Denial of Service condition via a maliciously crafted HTML file.

Workaround

There is no known workaround at this time.

Resolution

All w3m users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/w3m-0.5.3-r9"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-client/w3m< 0.5.3-r9UNKNOWN

Related

archlinux 1
nessus 8
openvas 6
fedora 2
ubuntu 1
mageia 1
freebsd 1
ubuntucve 21
redhatcve 21
cve 22
prion 22
alpinelinux 19
debiancve 21
osv 2
archlinux
archlinux
[ASA-201611-18] w3m: multiple issues
2016-11-18 00:00:00
nessus
nessus
GLSA-201701-08 : w3m: Multiple vulnerabilities
2017-01-03 00:00:00
Fedora 24 : w3m (2017-783e8fa63e)
2017-03-22 00:00:00
Fedora 25 : w3m (2017-2e6b693937)
2017-03-14 00:00:00
openvas
openvas
Fedora Update for w3m FEDORA-2017-2e6b693937
2017-03-14 00:00:00
Fedora Update for w3m FEDORA-2017-783e8fa63e
2017-03-21 00:00:00
Ubuntu: Security Advisory (USN-3214-1)
2017-03-03 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: w3m-0.5.3-30.git20170102.fc24
2017-03-21 02:50:18
[SECURITY] Fedora 25 Update: w3m-0.5.3-30.git20170102.fc25
2017-03-14 02:23:55
ubuntu
ubuntu
w3m vulnerabilities
2017-03-02 00:00:00
mageia
mageia
Updated w3m packages fix security vulnerability
2018-01-03 13:32:10
freebsd
freebsd
w3m -- multiple vulnerabilities
2016-11-03 00:00:00
ubuntucve
ubuntucve
CVE-2016-9436
2017-01-20 00:00:00
CVE-2016-9431
2016-12-11 00:00:00
CVE-2016-9428
2016-12-11 00:00:00
redhatcve
redhatcve
CVE-2016-9443
2016-11-29 15:48:15
CVE-2016-9435
2016-11-29 15:18:03
CVE-2016-9432
2016-11-29 15:17:43
cve
cve
CVE-2016-9441
2016-12-12 02:59:00
CVE-2016-9435
2017-01-20 15:59:00
CVE-2016-9424
2016-12-12 02:59:00
prion
prion
Hardcoded credentials
2017-01-20 15:59:00
Hardcoded credentials
2016-12-12 02:59:00
Heap overflow
2016-12-12 02:59:00
alpinelinux
alpinelinux
CVE-2016-9424
2016-12-12 02:59:00
CVE-2016-9437
2016-12-12 02:59:00
CVE-2016-9441
2016-12-12 02:59:00
debiancve
debiancve
CVE-2016-9424
2016-12-12 02:59:00
CVE-2016-9432
2016-12-12 02:59:00
CVE-2016-9437
2016-12-12 02:59:00
osv
osv
CVE-2016-9436
2017-01-20 15:59:00
CVE-2016-9435
2017-01-20 15:59:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON
Related for GLSA-201701-08
archlinux1nessus8openvas6fedora2ubuntu1mageia1freebsd1ubuntucve21redhatcve21cve22prion22alpinelinux19debiancve21osv2