Overview
- Description
- Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-134
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w3m:w3m:0.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F48F335-F985-4C9F-BF31-EBBA881C5F1C"
}
],
"operator": "OR"
}
]
}
]