USN-5796-2: w3m vulnerability
Publication date
10 January 2023
Overview
w3m could be made to crash or run programs as your login if it opened a malicious website.
Releases
Packages
- w3m - WWW browsable pager with excellent tables/frames support
Details
USN-5796-1 fixed a vulnerability in w3m. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that w3m incorrectly handled certain HTML files. A remote
attacker could use this issue to cause w3m to crash, resulting in a denial
of service, or possibly execute arbitrary code.
USN-5796-1 fixed a vulnerability in w3m. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that w3m incorrectly handled certain HTML files. A remote
attacker could use this issue to cause w3m to crash, resulting in a denial
of service, or possibly execute arbitrary code.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 14.04 trusty | w3m – 0.5.3-15ubuntu0.2+esm1 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.