W3M
CVE-2018-6198
MEDIUM
Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
AnalysisAI
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. Rated medium severity (CVSS 4.7).
Technical ContextAI
This vulnerability is classified under CWE-59. w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. Affected products include: Tats W3M, Canonical Ubuntu Linux. Version information: through 0.5.3.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. Rated high severity (CVSS 7.8), this vulnera
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. Rated high severity (CVSS 7
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in t
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within t
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. Rated medium severity (CVSS 5.5)
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. Rated medium severity (CVSS 5.5), thi
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Rated high severity (CVSS 8.8), this vulnerab
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today