CVE-2016-9431

Published: 11 December 2016

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
w3m
Launchpad, Ubuntu, Debian
Upstream
Released (0.5.3-30)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.5.3-26ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.5.3-15ubuntu0.1)
Patches:
Debian: https://github.com/tats/w3m/commit/9f0bdcfdf061db3520bd1f112bdc5e83acdec4be