CVE-2023-4255

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-4255
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2255207 Issue Tracking Third Party Advisory
https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 Patch
https://github.com/tats/w3m/issues/268 Exploit Issue Tracking Patch
https://github.com/tats/w3m/pull/273 Issue Tracking Patch
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/
https://bugzilla.redhat.com/show_bug.cgi?id=2255207 Issue Tracking Third Party Advisory
https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 Patch
https://github.com/tats/w3m/issues/268 Exploit Issue Tracking Patch
https://github.com/tats/w3m/pull/273 Issue Tracking Patch
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tats:w3m:0.5.3\+git20230121-1:*:*:*:*:*:*:*
cpe:2.3:a:tats:w3m:0.5.3\+git20230121-2:*:*:*:*:*:*:*
cpe:2.3:a:tats:w3m:0.5.3\+git20230129:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
History

21 Nov 2024, 08:34

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=2255207 - Issue Tracking, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2255207 - Issue Tracking, Third Party Advisory
References () https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 - Patch () https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 - Patch
References () https://github.com/tats/w3m/issues/268 - Exploit, Issue Tracking, Patch () https://github.com/tats/w3m/issues/268 - Exploit, Issue Tracking, Patch
References () https://github.com/tats/w3m/pull/273 - Issue Tracking, Patch () https://github.com/tats/w3m/pull/273 - Issue Tracking, Patch
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/ -
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/ -
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/ -

27 Mar 2024, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/ -

23 Mar 2024, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/ -

03 Jan 2024, 02:30

Type Values Removed Values Added
First Time Fedoraproject extra Packages For Enterprise Linux
Tats w3m
Tats
Fedoraproject fedora
Fedoraproject
Summary
  • (es) Se descubrió un problema de escritura fuera de los límites en el manejo de retroceso de la función checkType() en etc.c dentro de la aplicación W3M. Esta vulnerabilidad se activa al proporcionar un archivo HTML especialmente manipulado al binario w3m. La explotación de este fallo podría provocar fallos en la aplicación, lo que resultaría en una condición de denegación de servicio.
References () https://bugzilla.redhat.com/show_bug.cgi?id=2255207 - () https://bugzilla.redhat.com/show_bug.cgi?id=2255207 - Issue Tracking, Third Party Advisory
References () https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 - () https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 - Patch
References () https://github.com/tats/w3m/issues/268 - () https://github.com/tats/w3m/issues/268 - Exploit, Issue Tracking, Patch
References () https://github.com/tats/w3m/pull/273 - () https://github.com/tats/w3m/pull/273 - Issue Tracking, Patch
CPE cpe:2.3:a:tats:w3m:0.5.3\+git20230121-1:*:*:*:*:*:*:*
cpe:2.3:a:tats:w3m:0.5.3\+git20230129:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:tats:w3m:0.5.3\+git20230121-2:*:*:*:*:*:*:*

21 Dec 2023, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-21 16:15

Updated : 2024-11-21 08:34

NVD link : CVE-2023-4255

Mitre link : CVE-2023-4255

CVE.ORG link : CVE-2023-4255

JSON object : View

Products Affected

tats

  • w3m

fedoraproject

  • fedora
  • extra_packages_for_enterprise_linux
CWE
CWE-787

Out-of-bounds Write