CVE-2016-9435

Published: Jan 20, 2017

Modified: Nov 14, 2024

PUBLISHED

Description

The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-201701-08

vendor-advisory

x_refsource_GENTOO

https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd

x_refsource_CONFIRM

openSUSE-SU-2016:3121

vendor-advisory

x_refsource_SUSE

https://github.com/tats/w3m/issues/16

x_refsource_MISC

94407

vdb-entry

x_refsource_BID

[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-9435

Description

Affected Products

References