CVE-2006-6772
First published: Wed Dec 27 2006(Updated: )
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| w3m | =0.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sourceforge.net/tracker/index.php?func=detail&aid=1612792&group_id=39518&atid=425439
- http://www.securityfocus.com/bid/21735
- http://securitytracker.com/id?1017440
- http://secunia.com/advisories/23492
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051457.html
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.044.html
- http://www.ubuntu.com/usn/usn-399-1
- http://secunia.com/advisories/23588
- http://www.novell.com/linux/security/advisories/2007_05_w3m.html
- http://secunia.com/advisories/23717
- http://security.gentoo.org/glsa/glsa-200701-06.xml
- http://secunia.com/advisories/23773
- http://fedoranews.org/cms/node/2415
- http://fedoranews.org/cms/node/2416
- http://secunia.com/advisories/23792
- http://w3m.cvs.sourceforge.net/w3m/w3m/file.c?r1=1.249&r2=1.250
- http://w3m.cvs.sourceforge.net/w3m/w3m/file.c?view=log
- http://www.securityfocus.com/bid/24332
- http://www.vupen.com/english/advisories/2006/5164
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34821
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31114
- http://w3m.cvs.sourceforge.net/*checkout*/w3m/w3m/NEWS?revision=1.79
- http://w3m.cvs.sourceforge.net/%2Acheckout%2A/w3m/w3m/NEWS?revision=1.79
Frequently Asked Questions
What is the severity of CVE-2006-6772?
CVE-2006-6772 has been classified as a critical vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2006-6772?
To mitigate CVE-2006-6772, upgrade w3m to version 0.5.2 or later, where the vulnerability has been addressed.
What versions of w3m are affected by CVE-2006-6772?
CVE-2006-6772 affects w3m versions prior to 0.5.2, specifically version 0.5.1.
Can CVE-2006-6772 be exploited remotely?
Yes, CVE-2006-6772 can be exploited remotely through malicious SSL certificates with crafted format string specifiers.
What are the potential consequences of CVE-2006-6772?
Exploitation of CVE-2006-6772 could allow attackers to execute arbitrary code on the vulnerable system.
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-historical
- vendor/w3m
- product/w3m
- canonical/w3m w3m
- canonical/w3m
- version/w3m/0.5.1