CVE-2018-6197

Exploit

w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 10

NVD 5 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tats ≫ W3m Version <= 0.5.3

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.633

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Third Party Advisory

Third Party Advisory

Third Party Advisory

VDB Entry

Patch

Third Party Advisory

Patch

Third Party Advisory

Exploit

CVE Source (NVD)

CVE Source (JSON)

EUVD

Team-orientierte Vulnerability Management Plattform