30 matches found
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
DEBIAN-CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
CVE-2006-6772
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...
W3M SSL证书格式串处理漏洞
w3m是一款开放源码的文字式网页浏览器。 w3m在处理畸形格式的SSL证书里存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 如果HTTPS URL的SSL证书中CN包含有“%n%n%n%n%n%n”字符的话,则w3m在以-dump或-backend选项打开上述URL时就会导致崩溃。 W3M W3M 0.5.1 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://w3m.sourceforge.net/...
CVE-2005-3330
The httpsrequest function in Snoopy 1.2, as used in products such as 1 MagpieRSS, 2 WordPress, 3 Ampache, and 4 Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...
CVE-2005-3330
The httpsrequest function in Snoopy 1.2, as used in products such as 1 MagpieRSS, 2 WordPress, 3 Ampache, and 4 Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...
CVE-2005-3330
The httpsrequest function in Snoopy 1.2, as used in products such as 1 MagpieRSS, 2 WordPress, 3 Ampache, and 4 Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...
CVE-2005-1385
Safari 1.3 allows remote attackers to cause a denial of service application crash via a long https URL that triggers a NULL pointer dereference...
CVE-2005-1385
Safari 1.3 allows remote attackers to cause a denial of service application crash via a long https URL that triggers a NULL pointer dereference...