Lucene search

[email protected]CVE-2001-0700

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0700

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0700

buffer overflow

w3m 0.2.1

remote attacker

arbitrary code

mime header

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.235 Low

EPSS

Percentile

96.6%

JSON

Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.

Affected configurations

NVD

Node

w3mw3mRange≤0.2.1

w3mw3mMatch0.1.3

w3mw3mMatch0.1.4

w3mw3mMatch0.1.6

w3mw3mMatch0.1.7

w3mw3mMatch0.1.8

w3mw3mMatch0.1.9

w3mw3mMatch0.1.10

w3mw3mMatch0.2

CPENameOperatorVersion
w3m:w3mw3mle0.2.1
w3m:w3mw3meq0.1.3
w3m:w3mw3meq0.1.4
w3m:w3mw3meq0.1.6
w3m:w3mw3meq0.1.7
w3m:w3mw3meq0.1.8
w3m:w3mw3meq0.1.9
w3m:w3mw3meq0.1.10
w3m:w3mw3meq0.2

CPE	Name	Operator	Version
w3m:w3m	w3m	le	0.2.1
w3m:w3m	w3m	eq	0.1.3
w3m:w3m	w3m	eq	0.1.4
w3m:w3m	w3m	eq	0.1.6
w3m:w3m	w3m	eq	0.1.7
w3m:w3m	w3m	eq	0.1.8
w3m:w3m	w3m	eq	0.1.9
w3m:w3m	w3m	eq	0.1.10
w3m:w3m	w3m	eq	0.2

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000434

mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html

www.debian.org/security/2001/dsa-064

www.debian.org/security/2001/dsa-081

www.securityfocus.com/archive/1/192371

www.securityfocus.com/bid/2895

exchange.xforce.ibmcloud.com/vulnerabilities/6725

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.235 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2001-0700

nessus2 openvas2 cvelist1 nvd1