Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200701-06
https://security.gentoo.org/
Severity: Normal
Title: w3m: Format string vulnerability
Date: January 12, 2007
Bugs: #159145
ID: 200701-06
Synopsis
=======
w3m does not correctly handle format string specifiers in SSL
certificates.
Background
=========
w3m is a multi-platform text-based web browser.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/w3m < 0.5.1-r4 >= 0.5.1-r4
==========
w3m in -dump or -backend mode does not correctly handle printf() format
string specifiers in the Common Name (CN) field of an X.509 SSL
certificate.
Impact
=====
An attacker could entice a user to visit a malicious website ...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.