8 matches found
TencentOS Server 4: w3m (TSSA-2025:0165)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0165 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-4255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is...
Fedora 40 : w3m (2024-aeb75f8b5b)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-aeb75f8b5b advisory. - Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 2222775, 2222780, 2255207...
Fedora: Security Advisory (FEDORA-2024-aeb75f8b5b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : w3m vulnerability (USN-6580-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6580-1 advisory. It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a...
SUSE-SU-2024:0014-1 Security update for w3m
This update for w3m fixes the following issues: - CVE-2023-4255: Fixed out-of-bounds write in function checkType in etc.c bsc1218226...
CVE-2023-4255
CVE-2023-4255 describes an out-of-bounds write in W3M’s etc.c backspace handling (checkType()) that can be triggered by a crafted HTML file to cause a crash/DoS. Affected software is W3M (e.g., w3m 0.5.3); multiple disclosures reference this flaw across Astra Linux, Debian, and related advisories...
CVE-2023-4255 W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...