Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0700Improper Restriction of Operations within the Bounds of a Memory Buffer in W3M

5 documents5 sources
Severity
7.5HIGHNVD
EPSS
13.3%
top 5.81%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
W3M
Timeline
PublishedSep 20
Latest updateApr 30

Description

Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDw3m/w3m0.2.1+8

Patches

Patch: mi.med.tohoku.ac.jpPatch: www.securityfocus.comPatch: mi.med.tohoku.ac.jp

🔴Vulnerability Details

2
GHSA
GHSA-w4h5-5xwp-3m26: Buffer overflow in w3m 02022-04-30
CVEList
CVE-2001-0700: Buffer overflow in w3m 02002-03-09

💥Exploits & PoCs

1
Exploit-DB
W3M 0.1/0.2 - Malformed MIME Header Buffer Overflow2001-06-19
CVE-2001-0700 — W3M vulnerability | cvebase