CVE-2023-4255
published 2023-12-21CVE-2023-4255: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability…
PriorityP420medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
EPSS
0.32%
23.9th percentile
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | w3m | < w3m 0.5.3+git20230121-2.1 (forky) | w3m 0.5.3+git20230121-2.1 (forky) |
| fedoraproject | extra_packages_for_enterprise_linux | — | — |
| fedoraproject | fedora | — | — |
| tats | w3m | — | — |
| tats | w3m | — | — |
| tats | w3m | — | — |
| tats | w3m | >= 0 < 0.5.3+git20230121-2.1 | 0.5.3+git20230121-2.1 |
| tats | w3m | >= 0 < 0.5.3+git20230121-2.1 | 0.5.3+git20230121-2.1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM
vendor_debian5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hx3r-ph4g-9px9: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc
ghsa_unreviewed·2023-12-21
CVE-2023-4255 [MEDIUM] CWE-787 GHSA-hx3r-ph4g-9px9: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
OSV
CVE-2023-4255: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc
osv·2023-12-21·CVSS 5.5
CVE-2023-4255 [MEDIUM] CVE-2023-4255: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
Ubuntu
w3m vulnerability
vendor_ubuntu·2024-01-15
CVE-2023-4255 w3m vulnerability
Title: w3m vulnerability
Summary: w3m could be made to crash or run programs as your login if it opened a malicious website.
It was discovered that w3m incorrectly handled certain HTML files.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2023-4255: w3m - An out-of-bounds write issue has been discovered in the backspace handling of th...
vendor_debian·2023·CVSS 5.5
CVE-2023-4255 [MEDIUM] CVE-2023-4255: w3m - An out-of-bounds write issue has been discovered in the backspace handling of th...
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 0.5.3+git20230121-2.1)
sid: resolved (fixed in 0.5.3+git20230121-2.1)
trixie: resolved (fixed in 0.5.3+git20230121-2.1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugzilla.redhat.com/show_bug.cgi?id=2255207https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3https://github.com/tats/w3m/issues/268https://github.com/tats/w3m/pull/273https://lists.fedoraproject.org/archives/list/[email protected]/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/https://lists.fedoraproject.org/archives/list/[email protected]/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/https://lists.fedoraproject.org/archives/list/[email protected]/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/https://bugzilla.redhat.com/show_bug.cgi?id=2255207https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3https://github.com/tats/w3m/issues/268https://github.com/tats/w3m/pull/273https://lists.fedoraproject.org/archives/list/[email protected]/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/https://lists.fedoraproject.org/archives/list/[email protected]/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/https://lists.fedoraproject.org/archives/list/[email protected]/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/
2023-12-21
Published