Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 081-1 (w3m, w3m-ssl)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to w3m, w3m-ssl announced via advisory DSA 081-1.
Insight
Insight
In SNS Advisory No. 32 a buffer overflow vulnerability has been reported in the routine which parses MIME headers that are returned from web servers. A malicious web server administrator could exploit this and let the client web browser execute arbitrary code. W3m handles MIME headers included in the request/response message of HTTP communication like any other we bbrowser. A buffer overflow will be occur when w3m receives a MIME encoded header with base64 format. This problem has been fixed by the maintainer in version 0.1.10+0.1.11pre+kokb23-4 of w3m and w3m-ssl (for the SSL-enabled version), both for Debian GNU/Linux 2.2. We recommend that you upgrade your w3m packages immediately.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20081-1