CVE-2016-9435 — MEDIUM (6.5)

Vulnerability Description

The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Opensuse	Leap	42.2
Opensuse Project	Leap	42.1
Tats	W3M	<= 0.5.3\+git20160718

Related Weaknesses (CWE)

CWE-20

References

http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.htmlThird Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/18/3Mailing ListPatchThird Party Advisory
http://www.securityfocus.com/bid/94407Third Party AdvisoryVDB Entry
https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bdIssue TrackingPatchThird Party Advisory
https://github.com/tats/w3m/issues/16Issue TrackingPatchThird Party Advisory
https://security.gentoo.org/glsa/201701-08Third Party AdvisoryVDB Entry
http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.htmlThird Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/18/3Mailing ListPatchThird Party Advisory
http://www.securityfocus.com/bid/94407Third Party AdvisoryVDB Entry
https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bdIssue TrackingPatchThird Party Advisory
https://github.com/tats/w3m/issues/16Issue TrackingPatchThird Party Advisory
https://security.gentoo.org/glsa/201701-08Third Party AdvisoryVDB Entry

FAQ

What is CVE-2016-9435?

CVE-2016-9435 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd>...

How severe is CVE-2016-9435?

CVE-2016-9435 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-9435?

Check the references section above for vendor advisories and patch information. Affected products include: Opensuse Leap, Opensuse Project Leap, Tats W3M.