1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
PublicDateAtUSN: 2016-12-11
Candidate: CVE-2016-9443
PublicDate: 2016-12-11
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9443
https://github.com/tats/w3m/issues/28
http://www.openwall.com/lists/oss-security/2016/11/18/3
http://www.ubuntu.com/usn/usn-3214-1
Description:
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
w3m allows remote attackers to cause a denial of service (segmentation
fault and crash) via a crafted HTML page.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by: Kuang-che Wu
Assigned-to:
Patches_w3m:
debian: https://github.com/tats/w3m/commit/ec9eb22e008a69ea9dc21fdca4b9b836679965ee
upstream_w3m: released (0.5.3-30)
precise_w3m: released (0.5.3-5ubuntu1.2)
precise/esm_w3m: released (0.5.3-5ubuntu1.2)
trusty_w3m: released (0.5.3-15ubuntu0.1)
vivid/stable-phone-overlay_w3m: DNE
vivid/ubuntu-core_w3m: DNE
xenial_w3m: released (0.5.3-26ubuntu0.1)
yakkety_w3m: ignored (reached end-of-life)
zesty_w3m: not-affected (0.5.3-32)
devel_w3m: not-affected (0.5.3-32)
|