Lucene search
K

15 matches found

OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.21 views

SLES9: Security update for w3m

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: w3m For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018293 within the SuSE...

9.3CVSS6.4AI score0.04665EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.32 views

SuSE9 Security Update : w3m (YOU Patch Number 11376)

A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

9.3CVSS7.3AI score0.04665EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.12 views

Fedora Update for w3m FEDORA-2007-078

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS6.7AI score0.04665EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.16 views

Fedora Update for w3m FEDORA-2007-077

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS6.7AI score0.04665EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.18 views

SuSE 10 Security Update : w3m (ZYPP Patch Number 2439)

A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

9.3CVSS7.3AI score0.04665EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.24 views

openSUSE 10 Security Update : w3m (w3m-2433)

A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update w3m-2433. T...

9.3CVSS7.3AI score0.04665EPSS
Exploits0References1
Prion
Prion
added 2007/06/07 10:30 p.m.9 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candidate is a duplicate of CVE-2006-6772. Notes: All CVE users should reference CVE-2006-6772 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.3AI score0.04665EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/06/07 10:30 p.m.4 views

CVE-2007-3125

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candidate is a duplicate of CVE-2006-6772. Notes: All CVE users should reference CVE-2006-6772 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

9.3CVSS5.8AI score0.04665EPSS
Exploits0References1
CVE
CVE
added 2007/06/07 10:0 p.m.31 views

CVE-2007-3125

CVE-2007-3125 is a duplicate of CVE-2006-6772 and is not a separate active entry. The connected documents describe CVE-2006-6772 as a format string vulnerability in w3m (triggered via -dump / -backend mode) that could cause a crash or execution of code by a malicious server. This issue has been a...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.17 views

SUSE-SA:2007:005: w3m

The remote host is missing the patch for the advisory SUSE-SA:2007:005 w3m. A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not...

9.3CVSS7.6AI score0.04665EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.29 views

Fedora Core 5 : w3m-0.5.1-15.fc5 (2007-078)

Resolves: rh221484: CVE-2006-6772 w3m is vulnerable to format string attack via CN field of SSL/TLS certificate when invoked with -dump/-backend Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

9.3CVSS7.2AI score0.04665EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2006/12/27 11:28 p.m.35 views

CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...

9.3CVSS7.4AI score0.04665EPSS
Exploits0References1
OSV
OSV
added 2006/12/27 11:28 p.m.7 views

CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...

7.4AI score
Exploits0References22
CVE
CVE
added 2006/12/27 11:0 p.m.67 views

CVE-2006-6772

CVE-2006-6772 is a format-string vulnerability in w3m’s inputAnswer function (file.c) that affects modes -dump/-backend; an attacker could craft a certificate CN in an HTTPS URL to execute arbitrary code. The issue is fixed in later w3m builds (e.g., w3m-0.5.3+git20180125-1.14 and related openSUS...

9.3CVSS7.3AI score0.04665EPSS
Exploits0References22Affected Software1
Debian CVE
Debian CVE
added 2006/12/27 11:0 p.m.19 views

CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...

9.3CVSS7.4AI score0.04665EPSS
Exploits0
Rows per page
Query Builder