PublicDateAtUSN: 2016-12-11
Candidate: CVE-2016-9422
PublicDate: 2016-12-12 02:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9422
 http://www.openwall.com/lists/oss-security/2016/11/18/3
 https://ubuntu.com/security/notices/USN-3214-1
Description:
 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
 The feed_table_tag function in w3m doesn't properly validate the value of
 table span, which allows remote attackers to cause a denial of service
 (stack and/or heap buffer overflow) and possibly execute arbitrary code via
 a crafted HTML page.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/tats/w3m/issues/8
Priority: low
Discovered-by: Kuang-che Wu
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_w3m:
 debian: https://github.com/tats/w3m/commit/67a3db378f5ee3047c158eae4342f7e3245a2ab1
upstream_w3m: released (0.5.3-30)
precise_w3m: released (0.5.3-5ubuntu1.2)
precise/esm_w3m: released (0.5.3-5ubuntu1.2)
trusty_w3m: released (0.5.3-15ubuntu0.1)
trusty/esm_w3m: released (0.5.3-15ubuntu0.1)
vivid/stable-phone-overlay_w3m: DNE
vivid/ubuntu-core_w3m: DNE
xenial_w3m: released (0.5.3-26ubuntu0.1)
yakkety_w3m: ignored (reached end-of-life)
zesty_w3m: not-affected (0.5.3-30)
devel_w3m: not-affected (0.5.3-30)