Denial Of Service (DoS)

2023-08-0718:11:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

w3m

vulnerability

dos

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

10.3%

JSON

w3m is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when w3m parses a specially crafted HTML file that contains an out-of-bounds read. If the file is valid, w3m could crash.

CPENameOperatorVersion
w3m:3.18eq0.5.3.20230121-r0
w3m:edgeeq0.5.3.20210102-r2
w3m:edgeeq0.5.3.20200502-r0
w3m:edgeeq0.5.3.20210102-r1
w3m:edgeeq0.5.3.20220429-r1
w3m:edgeeq0.5.3.20180125-r4
w3m:edgeeq0.5.3.20210102-r0
w3m:edgeeq0.5.3.20220429-r0
w3m:edgeeq0.5.3.20220429-r2
w3m:edgeeq0.5.3.20230121-r0

Name	Operator	Version
w3m:3.18	eq	0.5.3.20230121-r0
w3m:edge	eq	0.5.3.20210102-r2
w3m:edge	eq	0.5.3.20200502-r0
w3m:edge	eq	0.5.3.20210102-r1
w3m:edge	eq	0.5.3.20220429-r1
w3m:edge	eq	0.5.3.20180125-r4
w3m:edge	eq	0.5.3.20210102-r0
w3m:edge	eq	0.5.3.20220429-r0
w3m:edge	eq	0.5.3.20220429-r2
w3m:edge	eq	0.5.3.20230121-r0