FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

w3m -- format string vulnerability

Affected packages
		ja-w3m	<	0.5.1_6
		ja-w3m-img	<	0.5.1_6
		w3m	<	0.5.1_6
		w3m-img	<	0.5.1_6
		w3m-m17n	<	0.5.1_6
		w3m-m17n-img	<	0.5.1_6

Details

VuXML ID	9347d82d-9a66-11db-b271-000e35248ad7
Discovery	2006-12-10
Entry	2007-01-03

An anonymous person reports:

w3m-0.5.1 crashes when using the -dump or -backend options to open a HTTPS URL with a SSL certificate where the CN contains "%n%n%n%n%n%n".

[source]

References

Bugtraq ID	21735
CVE Name	CVE-2006-6772
URL	http://secunia.com/advisories/23492/
URL	http://sourceforge.net/tracker/index.php?func=detail&aid=1612792&group_id=39518&atid=425439

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.