Vulnerability: Debian

The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may lead auser to send his/her local cookies, which are used for configuration.

For the stable distribution (woody), these problems have been fixed inversion 0.3-2.4.

The old stable distribution (potato) is not affected.

For the unstable distribution (sid), these problems have been fixed inversions and later.

An upgrade of w3m and w3m-ssl packages is recommended.

For details, click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Debian

Show Comments