Shodan
Vulnerabilities
Vulnerable Software
Tats:  >> W3m  >> 0.5.3  Security Vulnerabilities
CVE-2022-38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-15
CVE-2018-6196
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-01-25
CVE-2018-6197
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-01-25
CVE-2018-6198
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
CVSS Score
4.7
EPSS Score
0.001
Published
2018-01-25
CVE-2016-9435
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
CVSS Score
6.5
EPSS Score
0.014
Published
2017-01-20
CVE-2016-9436
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
CVSS Score
6.5
EPSS Score
0.014
Published
2017-01-20
CVE-2016-9633
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.006
Published
2016-12-12
CVE-2016-9632
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-12-12
CVE-2016-9631
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-12-12
CVE-2016-9630
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-12-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved