9.3
CVE-2006-6772
- EPSS 4.67%
- Veröffentlicht 27.12.2006 23:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginFormat string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.67% | 0.906 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-134 Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
http://fedoranews.org/cms/node/2415
http://fedoranews.org/cms/node/2416
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051457.html
http://secunia.com/advisories/23492
http://secunia.com/advisories/23588
http://secunia.com/advisories/23717
http://secunia.com/advisories/23773
http://secunia.com/advisories/23792
http://security.gentoo.org/glsa/glsa-200701-06.xml
http://securitytracker.com/id?1017440
http://sourceforge.net/tracker/index.php?func=detail&aid=1612792&group_id=39518&atid=425439
http://w3m.cvs.sourceforge.net/%2Acheckout%2A/w3m/w3m/NEWS?revision=1.79
http://w3m.cvs.sourceforge.net/w3m/w3m/file.c?r1=1.249&r2=1.250
http://w3m.cvs.sourceforge.net/w3m/w3m/file.c?view=log
http://www.novell.com/linux/security/advisories/2007_05_w3m.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.044.html
http://www.securityfocus.com/bid/21735
http://www.securityfocus.com/bid/24332
http://www.ubuntu.com/usn/usn-399-1
http://www.vupen.com/english/advisories/2006/5164
https://exchange.xforce.ibmcloud.com/vulnerabilities/31114
https://exchange.xforce.ibmcloud.com/vulnerabilities/34821