CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

DEBIAN-CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

CVE-2023-4255

CVE-2023-4255 describes an out-of-bounds write in W3M’s etc.c backspace handling (checkType()) that can be triggered by a crafted HTML file to cause a crash/DoS. Affected software is W3M (e.g., w3m 0.5.3); multiple disclosures reference this flaw across Astra Linux, Debian, and related advisories...

w3m Security Vulnerabilities

w3m is a WWW-enabled pager from the personal developer Tatsuya Kinoshita. A security vulnerability exists in W3M, which stems from an out-of-bounds write issue found in the checkType function's backspace handling in etc.c. The vulnerability can be triggered by supplying a specially crafted HTML...

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication obtain sensitive information or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.

...

USN-2836-1 grub2 vulnerability

Hector Marco and Ismael Ripoll discovered that GRUB incorrectly handled the backspace key when configured to use authentication. A local attacker could use this issue to bypass GRUB password protection...

grub2: buffer overflow when checking password entered during bootup

A flaw was found in the way grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system...

PT-2023-28417 · W3M +5 · W3M +5

Name of the Vulnerable Software and Affected Versions: W3M affected versions not specified Description: An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This issue is triggered by supplying a specially crafte...

CVE-2004-1482

The sbufgetmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts...