parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
References
Link Resource
http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/18/3 Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/94407 Third Party Advisory VDB Entry
https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd Issue Tracking Technical Description Patch
https://github.com/tats/w3m/issues/16 Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201701-08 Third Party Advisory VDB Entry
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-20T15:00:00

Updated: 2017-01-20T14:57:01

Reserved: 2016-11-18T00:00:00


Link: CVE-2016-9436

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2017-01-20T15:59:00.677

Modified: 2023-12-29T18:38:04.570


Link: CVE-2016-9436

JSON object: View

cve-icon Redhat Information

No data.

CWE