Vulnerability: Debian

The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may lead auser to send his/her local cookies, which are used for configuration.

For the stable distribution (woody), these problems have been fixed inversion 0.3-2.4.

The old stable distribution (potato) is not affected.

For the unstable distribution (sid), these problems have been fixed inversions 0.3.2.2-1 and later.

An upgrade of w3m and w3m-ssl packages is recommended.

For details, click here.

Join the newsletter!

Error: Please check your email address.

More about Debian

Show Comments