CVE-2002-1335

Published: Dec 3, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2003:045

vendor-advisory

x_refsource_REDHAT

6793

vdb-entry

x_refsource_BID

8031

third-party-advisory

x_refsource_SECUNIA

http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200211.month/838.html

x_refsource_CONFIRM

OpenPKG-SA-2003.009

vendor-advisory

x_refsource_OPENPKG

8015

third-party-advisory

x_refsource_SECUNIA

8016

third-party-advisory

x_refsource_SECUNIA

6981

vdb-entry

x_refsource_OSVDB

DSA-251

vendor-advisory

x_refsource_DEBIAN

RHSA-2003:044

vendor-advisory

x_refsource_REDHAT

8053

third-party-advisory

x_refsource_SECUNIA

w3m-html-frame-xss(10842)

vdb-entry

x_refsource_XF

DSA-249

vendor-advisory

x_refsource_DEBIAN

http://sourceforge.net/project/shownotes.php?release_id=124484

x_refsource_CONFIRM

DSA-250

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-1335

Description

Affected Products

References