15 matches found
SLES9: Security update for w3m
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: w3m For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018293 within the SuSE...
SuSE9 Security Update : w3m (YOU Patch Number 11376)
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Fedora Update for w3m FEDORA-2007-078
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for w3m FEDORA-2007-077
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : w3m (ZYPP Patch Number 2439)
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
openSUSE 10 Security Update : w3m (w3m-2433)
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update w3m-2433. T...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candidate is a duplicate of CVE-2006-6772. Notes: All CVE users should reference CVE-2006-6772 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-3125
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candidate is a duplicate of CVE-2006-6772. Notes: All CVE users should reference CVE-2006-6772 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-3125
CVE-2007-3125 is a duplicate of CVE-2006-6772 and is not a separate active entry. The connected documents describe CVE-2006-6772 as a format string vulnerability in w3m (triggered via -dump / -backend mode) that could cause a crash or execution of code by a malicious server. This issue has been a...
SUSE-SA:2007:005: w3m
The remote host is missing the patch for the advisory SUSE-SA:2007:005 w3m. A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not...
Fedora Core 5 : w3m-0.5.1-15.fc5 (2007-078)
Resolves: rh221484: CVE-2006-6772 w3m is vulnerable to format string attack via CN field of SSL/TLS certificate when invoked with -dump/-backend Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
CVE-2006-6772 is a format-string vulnerability in w3m’s inputAnswer function (file.c) that affects modes -dump/-backend; an attacker could craft a certificate CN in an HTTPS URL to execute arbitrary code. The issue is fixed in later w3m builds (e.g., w3m-0.5.3+git20180125-1.14 and related openSUS...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...