|
W3M Browser InputAnswer Format String Vulnerability
W3M is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attack can exploit this issue to execute arbitrary machine code in the context of the user running the affected browser. A successful attack will compromise the application. Failed attempts may cause denial-of-service conditions. Versions prior to W3M 0.5.2 are vulnerable. |
|
|
Privacy Statement |
