Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-6198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - w3m through 0.5.3 does not properly handle temporary files when the /.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to...

4.7CVSS6.4AI score0.00395EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2019:0776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.04391EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2019/04/05 12:0 a.m.33 views

openSUSE Security Update : w3m (openSUSE-2019-1142)

This update for w3m fixes the following issues : Security issues fixed : - CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feedtableblocktag function which did not prevent a negative indent value bsc1077559 - CVE-2018-6197: Prevent NULL pointer dereference in...

7.5CVSS6.4AI score0.04391EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.26 views

SUSE SLED12 / SLES12 Security Update : w3m (SUSE-SU-2019:0776-1)

This update for w3m fixes several issues. These security issues were fixed : CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feedtableblocktag function which did not prevent a negative indent value bsc1077559 CVE-2018-6197: Prevent NULL pointer dereference in...

7.5CVSS6.5AI score0.04391EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-3555-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.04391EPSS
Exploits2References2
OSV
OSV
added 2018/07/11 9:47 p.m.8 views

MGASA-2018-0312 Updated w3m packages fix security vulnerability

It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service CVE-2018-6196, CVE-2018-6197. It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files...

7.5CVSS6.1AI score0.04391EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.32 views

Fedora 27 : w3m (2018-0ad6e73ac0)

Rebase to latest upstream gitrev 20180125 and Security fix for CVE-2018-6196, CVE-2018-6197, CVE-2018-6198 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...

7.5CVSS6.3AI score0.04391EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2018/02/05 12:0 a.m.32 views

FreeBSD : w3m - multiple vulnerabilities (e72d5bf5-07a0-11e8-8248-0021ccb9e74d)

Tatsuya Kinoshita reports : CVE-2018-6196 table.c: Prevent negative indent value in feedtableblocktag. CVE-2018-6197 form.c: Prevent invalid columnPos call in formUpdateBuffer. CVE-2018-6198 config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c: Make temporary directory safely when...

7.5CVSS6.2AI score0.04391EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2018/02/02 12:0 a.m.28 views

Ubuntu 14.04 LTS / 16.04 LTS : w3m vulnerabilities (USN-3555-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3555-1 advisory. It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. CVE-2018-619...

7.5CVSS6.7AI score0.04391EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2018/02/01 1:25 p.m.67 views

USN-3555-1: w3m vulnerabilities

It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. CVE-2018-6196, CVE-2018-6197 It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files...

7.5CVSS6.6AI score0.04391EPSS
Exploits2
CVE
CVE
added 2018/01/25 3:0 a.m.209 views

CVE-2018-6198

CVE-2018-6198 affects w3m up to 0.5.3; when ~/.w3m is unwritable, a local attacker can craft a symlink attack to overwrite arbitrary files. Patches/fixes exist across distributions (e.g., openSUSE/SUSE updates and related advisories) addressing CVE-2018-6196–6198; apply vendor updates to mitigate.

4.7CVSS5.6AI score0.00395EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder