CVE-2016-9435 - OpenCVE

The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Opensuse Project	Leap
Opensuse	Leap
Tats	W3m

Configuration 1 [-]

OR	cpe:2.3:o:opensuse:leap:42.2:::::::*
	cpe:2.3:o:opensuse_project:leap:42.1:::::::*

Configuration 2 [-]

cpe:2.3:a:tats:w3m:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/18/3	Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/94407	Third Party Advisory VDB Entry
https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd	Issue Tracking Patch Third Party Advisory
https://github.com/tats/w3m/issues/16	Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201701-08	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-20T15:00:00

Updated: 2017-01-20T14:57:01

Reserved: 2016-11-18T00:00:00

Link: CVE-2016-9435

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-01-20T15:59:00.613

Modified: 2023-12-29T18:38:04.570

Link: CVE-2016-9435

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-11-18T00:00:00", "descriptions": [{"lang": "en", "value": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-20T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201701-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-08"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd"}, {"name": "openSUSE-SU-2016:3121", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/tats/w3m/issues/16"}, {"name": "94407", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94407"}, {"name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9435", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201701-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-08"}, {"name": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd", "refsource": "CONFIRM", "url": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd"}, {"name": "openSUSE-SU-2016:3121", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html"}, {"name": "https://github.com/tats/w3m/issues/16", "refsource": "MISC", "url": "https://github.com/tats/w3m/issues/16"}, {"name": "94407", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94407"}, {"name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-9435", "datePublished": "2017-01-20T15:00:00", "dateReserved": "2016-11-18T00:00:00", "dateUpdated": "2017-01-20T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF605E46-ADCE-45B3-BBBA-E593D3CEE2A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tats:w3m:*:*:*:*:*:*:*:*", "matchCriteriaId": "F59B7474-3DF8-4151-A9EA-FEA693FC8A32", "versionEndIncluding": "0.5.3\\+git20160718", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags."}, {"lang": "es", "value": "La funci\u00f3n HTMLtagproc1 en file.c en w3m en versiones anteriores a 0.5.3+git20161009 no inicia valores adecuadamente, lo que permite a atacantes remotos bloquear la aplicaci\u00f3n a trav\u00e9s de un archivo html manipulado, relacionado con etiquetas \n<dd>\n .\n</dd>"}], "id": "CVE-2016-9435", "lastModified": "2023-12-29T18:38:04.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-20T15:59:00.613", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94407"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/tats/w3m/issues/16"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://security.gentoo.org/glsa/201701-08"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}