18 matches found
MiracleLinux 3 : w3m-0.5.1-17.AXS3 (AXSA:2010-392:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2010-392:01 advisory. The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML...
SUSE: Security Advisory (SUSE-SU-2016:3046-1)
The remote host is missing an update for the...
Oracle Linux 5 : w3m (ELSA-2010-0565)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0565 advisory. 0.5.1-17 - Resolves:rh604861:Clear execstack requirement also for ia64 architecture 0.5.1-16 - Resolves:rh604861:CVE-2010-2074 w3m: doesn't handle NULL in Commo...
Gentoo Security Advisory GLSA 201210-01 (w3m)
The remote host is missing updates announced in advisory GLSA 201210-01.
Scientific Linux Security Update : w3m on SL5.x i386/x86_64
It was discovered that w3m is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the...
SuSE 11 / 11.1 Security Update : w3m (SAT Patch Numbers 2560 / 2563)
w3m does not handle embedded NUL characters in the common name and in subject alternative names of X.509 certificates (CVE-2010-2074). This update fixes the issue and also turns on verification of x509 certificates by default which was not the case before.
SuSE 10 Security Update : w3m (ZYPP Patch Number 7076)
w3m does not handle embedded NUL characters in the common name and in subject alternative names of X.509 certificates (CVE-2010-2074). This update fixes the issue and also turns on verification of x509 certificates by default which was not the case before.
Ubuntu: Security Advisory (USN-967-1)
The remote host is missing an update for the...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : w3m vulnerability (USN-967-1)
Ludwig Nussel discovered w3m does not properly handle SSL/TLS certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. CVE-2010-2074. Note that Tenable Network...
CentOS 5 : w3m (CESA-2010:0565)
Updated w3m packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
RHEL 5 : w3m (RHSA-2010:0565)
Updated w3m packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
openSUSE Security Update : w3m (openSUSE-SU-2010:0393-1)
w3m did not handle embedded nul characters in the common name and in subject alternative names of x509 certificates. CVE-2010-2074 has been assigned to this issue. This update also turns on verification of x509 certificates by default which was not the case before.
openSUSE Security Update : w3m (openSUSE-SU-2010:0393-1)
w3m did not handle embedded nul characters in the common name and in subject alternative names of x509 certificates. CVE-2010-2074 has been assigned to this issue. This update also turns on verification of x509 certificates by default which was not the case before.
Fedora 12 : w3m-0.5.2-17.fc12 (2010-10369)
Resolves:rh604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
openSUSE Security Update : w3m (openSUSE-SU-2010:0393-1)
w3m did not handle embedded nul characters in the common name and in subject alternative names of x509 certificates. CVE-2010-2074 has been assigned to this issue. This update also turns on verification of x509 certificates by default which was not the case before.
Fedora 13 : w3m-0.5.2-18.fc13 (2010-10250)
Resolves:rh604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2010-2074
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary S...
CVE-2010-2074
The CVE-2010-2074 issue affects istream.c in w3m 0.5.2 (and potentially other versions) where, when ssl_verify_server is enabled, a NULL character ('\0') in a certificate’s domain name (CN or SAN) can allow MITM spoofing of SSL servers via a certificate issued by a trusted CA. This is a domain-na...