CVE-2016-9624NULL Pointer Dereference in W3M

CWE-476NULL Pointer Dereference8 documents8 sources
Severity
6.5MEDIUMNVD
EPSS
0.9%
top 24.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tats W3M
Timeline
PublishedDec 12
Latest updateMay 17

Description

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

Debiantats/w3m< 0.5.3-33+3
NVDtats/w3m0.5.3-32

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-57f6-ph2r-458q: An issue was discovered in the Tatsuya Kinoshita w3m fork before 02022-05-17
OSV
CVE-2016-9624: An issue was discovered in the Tatsuya Kinoshita w3m fork before 02016-12-12
CVEList
CVE-2016-9624: An issue was discovered in the Tatsuya Kinoshita w3m fork before 02016-12-12

📋Vendor Advisories

3
Ubuntu
w3m vulnerabilities2017-03-02
Red Hat
w3m: Null pointer dereference in formUpdateBuffer2016-11-07
Debian
CVE-2016-9624: w3m - An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m a...2016

💬Community

1
Bugzilla
CVE-2016-9624 w3m: Null pointer dereference in formUpdateBuffer2016-11-29
CVE-2016-9624 — NULL Pointer Dereference in Tats W3M | cvebase