Lucene search

UbuntuUSN-3555-2

HistoryFeb 01, 2018 - 12:00 a.m.

w3m vulnerabilities

2018-02-0100:00:00

ubuntu.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

80.7%

JSON

Releases

Ubuntu 12.04

Packages

w3m - WWW browsable pager with excellent tables/frames support

Details

USN-3555-2 fixed vulnerabilities in w3m. This update
provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:

It was discovered that w3m incorrectly handled certain inputs.
An attacker could possibly use this to cause a denial of service.
(CVE-2018-6196, CVE-2018-6197)

It was discovered that w3m incorrectly handled temporary files.
An attacker could possibly use this to overwrite arbitrary files.
(CVE-2018-6198)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.04noarchw3m< 0.5.3-5ubuntu1.3UNKNOWN
Ubuntu12.04noarchw3m-dbgsym< 0.5.3-5ubuntu1.3UNKNOWN
Ubuntu12.04noarchw3m-img< 0.5.3-5ubuntu1.3UNKNOWN
Ubuntu12.04noarchw3m-img-dbgsym< 0.5.3-5ubuntu1.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	12.04	noarch	w3m	< 0.5.3-5ubuntu1.3	UNKNOWN
Ubuntu	12.04	noarch	w3m-dbgsym	< 0.5.3-5ubuntu1.3	UNKNOWN
Ubuntu	12.04	noarch	w3m-img	< 0.5.3-5ubuntu1.3	UNKNOWN
Ubuntu	12.04	noarch	w3m-img-dbgsym	< 0.5.3-5ubuntu1.3	UNKNOWN