Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-9632
Vulnerability from cvelistv5
Published
2016-12-12 02:00
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/11/24/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://github.com/tats/w3m/blob/master/ChangeLog | Issue Tracking, Patch | |
| cve@mitre.org | https://github.com/tats/w3m/issues/43 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/11/24/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tats/w3m/blob/master/ChangeLog | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tats/w3m/issues/43 | Issue Tracking, Patch |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:02.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tats/w3m/issues/43"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-12T02:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tats/w3m/issues/43"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tats/w3m/issues/43",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/issues/43"
},
{
"name": "https://github.com/tats/w3m/blob/master/ChangeLog",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9632",
"datePublished": "2016-12-12T02:00:00",
"dateReserved": "2016-11-23T00:00:00",
"dateUpdated": "2024-08-06T02:59:02.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9632\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-12-12T02:59:49.347\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento global del b\u00fafer y ca\u00edda) a trav\u00e9s de una p\u00e1gina HTML manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tats:w3m:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.5.3-32\",\"matchCriteriaId\":\"6DC404FB-B7D2-41DE-934B-E4BA3EF37B75\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2016/11/24/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tats/w3m/blob/master/ChangeLog\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tats/w3m/issues/43\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/11/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tats/w3m/blob/master/ChangeLog\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tats/w3m/issues/43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]}]}}"
}
}
suse-su-2016:3053-1
Vulnerability from csaf_suse
Published
2016-12-08 10:06
Modified
2016-12-08 10:06
Summary
Security update for w3m
Notes
Title of the patch
Security update for w3m
Description of the patch
This update for w3m fixes the following issues:
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-1774,SUSE-SLE-DESKTOP-12-SP2-2016-1774,SUSE-SLE-RPI-12-SP2-2016-1774,SUSE-SLE-SERVER-12-SP1-2016-1774,SUSE-SLE-SERVER-12-SP2-2016-1774
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for w3m",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for w3m fixes the following issues:\n\n- update to debian git version (bsc#1011293)\n addressed security issues:\n CVE-2016-9622: w3m: null deref (bsc#1012021)\n CVE-2016-9623: w3m: null deref (bsc#1012022)\n CVE-2016-9624: w3m: near-null deref (bsc#1012023)\n CVE-2016-9625: w3m: stack overflow (bsc#1012024)\n CVE-2016-9626: w3m: stack overflow (bsc#1012025)\n CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)\n CVE-2016-9628: w3m: null deref (bsc#1012027)\n CVE-2016-9629: w3m: null deref (bsc#1012028)\n CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)\n CVE-2016-9631: w3m: null deref (bsc#1012030)\n CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)\n CVE-2016-9633: w3m: OOM (bsc#1012032)\n CVE-2016-9434: w3m: null deref (bsc#1011283)\n CVE-2016-9435: w3m: use uninit value (bsc#1011284)\n CVE-2016-9436: w3m: use uninit value (bsc#1011285)\n CVE-2016-9437: w3m: write to rodata (bsc#1011286)\n CVE-2016-9438: w3m: null deref (bsc#1011287)\n CVE-2016-9439: w3m: stack overflow (bsc#1011288)\n CVE-2016-9440: w3m: near-null deref (bsc#1011289)\n CVE-2016-9441: w3m: near-null deref (bsc#1011290)\n CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)\n CVE-2016-9443: w3m: null deref (bsc#1011292)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-1774,SUSE-SLE-DESKTOP-12-SP2-2016-1774,SUSE-SLE-RPI-12-SP2-2016-1774,SUSE-SLE-SERVER-12-SP1-2016-1774,SUSE-SLE-SERVER-12-SP2-2016-1774",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3053-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:3053-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20163053-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:3053-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-December/002454.html"
},
{
"category": "self",
"summary": "SUSE Bug 1011283",
"url": "https://bugzilla.suse.com/1011283"
},
{
"category": "self",
"summary": "SUSE Bug 1011284",
"url": "https://bugzilla.suse.com/1011284"
},
{
"category": "self",
"summary": "SUSE Bug 1011285",
"url": "https://bugzilla.suse.com/1011285"
},
{
"category": "self",
"summary": "SUSE Bug 1011286",
"url": "https://bugzilla.suse.com/1011286"
},
{
"category": "self",
"summary": "SUSE Bug 1011287",
"url": "https://bugzilla.suse.com/1011287"
},
{
"category": "self",
"summary": "SUSE Bug 1011288",
"url": "https://bugzilla.suse.com/1011288"
},
{
"category": "self",
"summary": "SUSE Bug 1011289",
"url": "https://bugzilla.suse.com/1011289"
},
{
"category": "self",
"summary": "SUSE Bug 1011290",
"url": "https://bugzilla.suse.com/1011290"
},
{
"category": "self",
"summary": "SUSE Bug 1011291",
"url": "https://bugzilla.suse.com/1011291"
},
{
"category": "self",
"summary": "SUSE Bug 1011292",
"url": "https://bugzilla.suse.com/1011292"
},
{
"category": "self",
"summary": "SUSE Bug 1011293",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "self",
"summary": "SUSE Bug 1012021",
"url": "https://bugzilla.suse.com/1012021"
},
{
"category": "self",
"summary": "SUSE Bug 1012022",
"url": "https://bugzilla.suse.com/1012022"
},
{
"category": "self",
"summary": "SUSE Bug 1012023",
"url": "https://bugzilla.suse.com/1012023"
},
{
"category": "self",
"summary": "SUSE Bug 1012024",
"url": "https://bugzilla.suse.com/1012024"
},
{
"category": "self",
"summary": "SUSE Bug 1012025",
"url": "https://bugzilla.suse.com/1012025"
},
{
"category": "self",
"summary": "SUSE Bug 1012026",
"url": "https://bugzilla.suse.com/1012026"
},
{
"category": "self",
"summary": "SUSE Bug 1012027",
"url": "https://bugzilla.suse.com/1012027"
},
{
"category": "self",
"summary": "SUSE Bug 1012028",
"url": "https://bugzilla.suse.com/1012028"
},
{
"category": "self",
"summary": "SUSE Bug 1012029",
"url": "https://bugzilla.suse.com/1012029"
},
{
"category": "self",
"summary": "SUSE Bug 1012030",
"url": "https://bugzilla.suse.com/1012030"
},
{
"category": "self",
"summary": "SUSE Bug 1012031",
"url": "https://bugzilla.suse.com/1012031"
},
{
"category": "self",
"summary": "SUSE Bug 1012032",
"url": "https://bugzilla.suse.com/1012032"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9434 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9435 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9436 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9437 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9438 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9439 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9440 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9441 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9442 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9443 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9621 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9622 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9623 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9624 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9625 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9626 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9627 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9628 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9629 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9630 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9631 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9633/"
}
],
"title": "Security update for w3m",
"tracking": {
"current_release_date": "2016-12-08T10:06:04Z",
"generator": {
"date": "2016-12-08T10:06:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:3053-1",
"initial_release_date": "2016-12-08T10:06:04Z",
"revision_history": [
{
"date": "2016-12-08T10:06:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-160.1.aarch64",
"product": {
"name": "w3m-0.5.3.git20161120-160.1.aarch64",
"product_id": "w3m-0.5.3.git20161120-160.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-160.1.ppc64le",
"product": {
"name": "w3m-0.5.3.git20161120-160.1.ppc64le",
"product_id": "w3m-0.5.3.git20161120-160.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-160.1.s390x",
"product": {
"name": "w3m-0.5.3.git20161120-160.1.s390x",
"product_id": "w3m-0.5.3.git20161120-160.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-160.1.x86_64",
"product": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64",
"product_id": "w3m-0.5.3.git20161120-160.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-160.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9434"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9434",
"url": "https://www.suse.com/security/cve/CVE-2016-9434"
},
{
"category": "external",
"summary": "SUSE Bug 1011283 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011283"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9434"
},
{
"cve": "CVE-2016-9435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9435"
}
],
"notes": [
{
"category": "general",
"text": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to \u003cdd\u003e tags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9435",
"url": "https://www.suse.com/security/cve/CVE-2016-9435"
},
{
"category": "external",
"summary": "SUSE Bug 1011284 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011284"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9435"
},
{
"cve": "CVE-2016-9436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9436"
}
],
"notes": [
{
"category": "general",
"text": "parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a \u003ci\u003e tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9436",
"url": "https://www.suse.com/security/cve/CVE-2016-9436"
},
{
"category": "external",
"summary": "SUSE Bug 1011285 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011285"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9436"
},
{
"cve": "CVE-2016-9437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9437"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9437",
"url": "https://www.suse.com/security/cve/CVE-2016-9437"
},
{
"category": "external",
"summary": "SUSE Bug 1011286 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011286"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9437"
},
{
"cve": "CVE-2016-9438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9438"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9438",
"url": "https://www.suse.com/security/cve/CVE-2016-9438"
},
{
"category": "external",
"summary": "SUSE Bug 1011287 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011287"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9438"
},
{
"cve": "CVE-2016-9439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9439"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9439",
"url": "https://www.suse.com/security/cve/CVE-2016-9439"
},
{
"category": "external",
"summary": "SUSE Bug 1011288 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011288"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9439"
},
{
"cve": "CVE-2016-9440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9440"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9440",
"url": "https://www.suse.com/security/cve/CVE-2016-9440"
},
{
"category": "external",
"summary": "SUSE Bug 1011289 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011289"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9440"
},
{
"cve": "CVE-2016-9441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9441"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9441",
"url": "https://www.suse.com/security/cve/CVE-2016-9441"
},
{
"category": "external",
"summary": "SUSE Bug 1011290 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011290"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9441"
},
{
"cve": "CVE-2016-9442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9442"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9442",
"url": "https://www.suse.com/security/cve/CVE-2016-9442"
},
{
"category": "external",
"summary": "SUSE Bug 1011291 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011291"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9442"
},
{
"cve": "CVE-2016-9443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9443"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9443",
"url": "https://www.suse.com/security/cve/CVE-2016-9443"
},
{
"category": "external",
"summary": "SUSE Bug 1011292 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011292"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9443"
},
{
"cve": "CVE-2016-9621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9621"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9621",
"url": "https://www.suse.com/security/cve/CVE-2016-9621"
},
{
"category": "external",
"summary": "SUSE Bug 1011278 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011278"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012020 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1012020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9621"
},
{
"cve": "CVE-2016-9622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9622"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9622",
"url": "https://www.suse.com/security/cve/CVE-2016-9622"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012021 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1012021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9622"
},
{
"cve": "CVE-2016-9623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9623"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9623",
"url": "https://www.suse.com/security/cve/CVE-2016-9623"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012022 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1012022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9623"
},
{
"cve": "CVE-2016-9624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9624"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9624",
"url": "https://www.suse.com/security/cve/CVE-2016-9624"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012023 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1012023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9624"
},
{
"cve": "CVE-2016-9625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9625"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9625",
"url": "https://www.suse.com/security/cve/CVE-2016-9625"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012024 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1012024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9625"
},
{
"cve": "CVE-2016-9626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9626"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9626",
"url": "https://www.suse.com/security/cve/CVE-2016-9626"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012025 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1012025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9626"
},
{
"cve": "CVE-2016-9627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9627"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9627",
"url": "https://www.suse.com/security/cve/CVE-2016-9627"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012026 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1012026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9627"
},
{
"cve": "CVE-2016-9628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9628"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9628",
"url": "https://www.suse.com/security/cve/CVE-2016-9628"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012027 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1012027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9628"
},
{
"cve": "CVE-2016-9629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9629"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9629",
"url": "https://www.suse.com/security/cve/CVE-2016-9629"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012028 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1012028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9629"
},
{
"cve": "CVE-2016-9630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9630"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9630",
"url": "https://www.suse.com/security/cve/CVE-2016-9630"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012029 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1012029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9630"
},
{
"cve": "CVE-2016-9631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9631"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9631",
"url": "https://www.suse.com/security/cve/CVE-2016-9631"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012030 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1012030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9631"
},
{
"cve": "CVE-2016-9632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9632"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9632",
"url": "https://www.suse.com/security/cve/CVE-2016-9632"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012031 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1012031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9632"
},
{
"cve": "CVE-2016-9633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9633"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9633",
"url": "https://www.suse.com/security/cve/CVE-2016-9633"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012032 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1012032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:w3m-0.5.3.git20161120-160.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:w3m-0.5.3.git20161120-160.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-08T10:06:04Z",
"details": "moderate"
}
],
"title": "CVE-2016-9633"
}
]
}
suse-su-2016:3046-1
Vulnerability from csaf_suse
Published
2016-12-07 15:45
Modified
2016-12-07 15:45
Summary
Security update for w3m
Notes
Title of the patch
Security update for w3m
Description of the patch
This update for w3m fixes the following issues:
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
Patchnames
slessp4-w3m-12875
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for w3m",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for w3m fixes the following issues:\n\n- update to debian git version (bsc#1011293)\n addressed security issues:\n CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)\n CVE-2016-9622: w3m: null deref (bsc#1012021)\n CVE-2016-9623: w3m: null deref (bsc#1012022)\n CVE-2016-9624: w3m: near-null deref (bsc#1012023)\n CVE-2016-9625: w3m: stack overflow (bsc#1012024)\n CVE-2016-9626: w3m: stack overflow (bsc#1012025)\n CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)\n CVE-2016-9628: w3m: null deref (bsc#1012027)\n CVE-2016-9629: w3m: null deref (bsc#1012028)\n CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)\n CVE-2016-9631: w3m: null deref (bsc#1012030)\n CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)\n CVE-2016-9633: w3m: OOM (bsc#1012032)\n CVE-2016-9434: w3m: null deref (bsc#1011283)\n CVE-2016-9435: w3m: use uninit value (bsc#1011284)\n CVE-2016-9436: w3m: use uninit value (bsc#1011285)\n CVE-2016-9437: w3m: write to rodata (bsc#1011286)\n CVE-2016-9438: w3m: null deref (bsc#1011287)\n CVE-2016-9439: w3m: stack overflow (bsc#1011288)\n CVE-2016-9440: w3m: near-null deref (bsc#1011289)\n CVE-2016-9441: w3m: near-null deref (bsc#1011290)\n CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)\n CVE-2016-9443: w3m: null deref (bsc#1011292)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-w3m-12875",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3046-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:3046-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20163046-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:3046-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-December/002449.html"
},
{
"category": "self",
"summary": "SUSE Bug 1011269",
"url": "https://bugzilla.suse.com/1011269"
},
{
"category": "self",
"summary": "SUSE Bug 1011270",
"url": "https://bugzilla.suse.com/1011270"
},
{
"category": "self",
"summary": "SUSE Bug 1011271",
"url": "https://bugzilla.suse.com/1011271"
},
{
"category": "self",
"summary": "SUSE Bug 1011272",
"url": "https://bugzilla.suse.com/1011272"
},
{
"category": "self",
"summary": "SUSE Bug 1011283",
"url": "https://bugzilla.suse.com/1011283"
},
{
"category": "self",
"summary": "SUSE Bug 1011284",
"url": "https://bugzilla.suse.com/1011284"
},
{
"category": "self",
"summary": "SUSE Bug 1011285",
"url": "https://bugzilla.suse.com/1011285"
},
{
"category": "self",
"summary": "SUSE Bug 1011286",
"url": "https://bugzilla.suse.com/1011286"
},
{
"category": "self",
"summary": "SUSE Bug 1011287",
"url": "https://bugzilla.suse.com/1011287"
},
{
"category": "self",
"summary": "SUSE Bug 1011288",
"url": "https://bugzilla.suse.com/1011288"
},
{
"category": "self",
"summary": "SUSE Bug 1011289",
"url": "https://bugzilla.suse.com/1011289"
},
{
"category": "self",
"summary": "SUSE Bug 1011290",
"url": "https://bugzilla.suse.com/1011290"
},
{
"category": "self",
"summary": "SUSE Bug 1011291",
"url": "https://bugzilla.suse.com/1011291"
},
{
"category": "self",
"summary": "SUSE Bug 1011292",
"url": "https://bugzilla.suse.com/1011292"
},
{
"category": "self",
"summary": "SUSE Bug 1011293",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "self",
"summary": "SUSE Bug 1012020",
"url": "https://bugzilla.suse.com/1012020"
},
{
"category": "self",
"summary": "SUSE Bug 1012021",
"url": "https://bugzilla.suse.com/1012021"
},
{
"category": "self",
"summary": "SUSE Bug 1012022",
"url": "https://bugzilla.suse.com/1012022"
},
{
"category": "self",
"summary": "SUSE Bug 1012023",
"url": "https://bugzilla.suse.com/1012023"
},
{
"category": "self",
"summary": "SUSE Bug 1012024",
"url": "https://bugzilla.suse.com/1012024"
},
{
"category": "self",
"summary": "SUSE Bug 1012025",
"url": "https://bugzilla.suse.com/1012025"
},
{
"category": "self",
"summary": "SUSE Bug 1012026",
"url": "https://bugzilla.suse.com/1012026"
},
{
"category": "self",
"summary": "SUSE Bug 1012027",
"url": "https://bugzilla.suse.com/1012027"
},
{
"category": "self",
"summary": "SUSE Bug 1012028",
"url": "https://bugzilla.suse.com/1012028"
},
{
"category": "self",
"summary": "SUSE Bug 1012029",
"url": "https://bugzilla.suse.com/1012029"
},
{
"category": "self",
"summary": "SUSE Bug 1012030",
"url": "https://bugzilla.suse.com/1012030"
},
{
"category": "self",
"summary": "SUSE Bug 1012031",
"url": "https://bugzilla.suse.com/1012031"
},
{
"category": "self",
"summary": "SUSE Bug 1012032",
"url": "https://bugzilla.suse.com/1012032"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2074 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9422 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9423 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9424 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9425 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9434 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9435 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9436 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9437 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9438 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9439 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9440 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9441 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9442 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9443 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9621 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9622 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9623 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9624 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9625 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9626 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9627 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9628 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9629 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9630 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9631 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9633/"
}
],
"title": "Security update for w3m",
"tracking": {
"current_release_date": "2016-12-07T15:45:29Z",
"generator": {
"date": "2016-12-07T15:45:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:3046-1",
"initial_release_date": "2016-12-07T15:45:29Z",
"revision_history": [
{
"date": "2016-12-07T15:45:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-4.1.i586",
"product": {
"name": "w3m-0.5.3.git20161120-4.1.i586",
"product_id": "w3m-0.5.3.git20161120-4.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-4.1.ia64",
"product": {
"name": "w3m-0.5.3.git20161120-4.1.ia64",
"product_id": "w3m-0.5.3.git20161120-4.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-4.1.ppc64",
"product": {
"name": "w3m-0.5.3.git20161120-4.1.ppc64",
"product_id": "w3m-0.5.3.git20161120-4.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-4.1.s390x",
"product": {
"name": "w3m-0.5.3.git20161120-4.1.s390x",
"product_id": "w3m-0.5.3.git20161120-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-4.1.x86_64",
"product": {
"name": "w3m-0.5.3.git20161120-4.1.x86_64",
"product_id": "w3m-0.5.3.git20161120-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-2074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2074"
}
],
"notes": [
{
"category": "general",
"text": "istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a \u0027\\0\u0027 character in a domain name in the (1) subject\u0027s Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2074",
"url": "https://www.suse.com/security/cve/CVE-2010-2074"
},
{
"category": "external",
"summary": "SUSE Bug 609451 for CVE-2010-2074",
"url": "https://bugzilla.suse.com/609451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2010-2074"
},
{
"cve": "CVE-2016-9422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9422"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn\u0027t properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9422",
"url": "https://www.suse.com/security/cve/CVE-2016-9422"
},
{
"category": "external",
"summary": "SUSE Bug 1011269 for CVE-2016-9422",
"url": "https://bugzilla.suse.com/1011269"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9422",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "important"
}
],
"title": "CVE-2016-9422"
},
{
"cve": "CVE-2016-9423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9423"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9423",
"url": "https://www.suse.com/security/cve/CVE-2016-9423"
},
{
"category": "external",
"summary": "SUSE Bug 1011270 for CVE-2016-9423",
"url": "https://bugzilla.suse.com/1011270"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9423",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "important"
}
],
"title": "CVE-2016-9423"
},
{
"cve": "CVE-2016-9424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9424"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn\u0027t properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9424",
"url": "https://www.suse.com/security/cve/CVE-2016-9424"
},
{
"category": "external",
"summary": "SUSE Bug 1011271 for CVE-2016-9424",
"url": "https://bugzilla.suse.com/1011271"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9424",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "important"
}
],
"title": "CVE-2016-9424"
},
{
"cve": "CVE-2016-9425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9425"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9425",
"url": "https://www.suse.com/security/cve/CVE-2016-9425"
},
{
"category": "external",
"summary": "SUSE Bug 1011272 for CVE-2016-9425",
"url": "https://bugzilla.suse.com/1011272"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9425",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "important"
}
],
"title": "CVE-2016-9425"
},
{
"cve": "CVE-2016-9434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9434"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9434",
"url": "https://www.suse.com/security/cve/CVE-2016-9434"
},
{
"category": "external",
"summary": "SUSE Bug 1011283 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011283"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9434"
},
{
"cve": "CVE-2016-9435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9435"
}
],
"notes": [
{
"category": "general",
"text": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to \u003cdd\u003e tags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9435",
"url": "https://www.suse.com/security/cve/CVE-2016-9435"
},
{
"category": "external",
"summary": "SUSE Bug 1011284 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011284"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9435"
},
{
"cve": "CVE-2016-9436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9436"
}
],
"notes": [
{
"category": "general",
"text": "parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a \u003ci\u003e tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9436",
"url": "https://www.suse.com/security/cve/CVE-2016-9436"
},
{
"category": "external",
"summary": "SUSE Bug 1011285 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011285"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9436"
},
{
"cve": "CVE-2016-9437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9437"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9437",
"url": "https://www.suse.com/security/cve/CVE-2016-9437"
},
{
"category": "external",
"summary": "SUSE Bug 1011286 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011286"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9437"
},
{
"cve": "CVE-2016-9438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9438"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9438",
"url": "https://www.suse.com/security/cve/CVE-2016-9438"
},
{
"category": "external",
"summary": "SUSE Bug 1011287 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011287"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9438"
},
{
"cve": "CVE-2016-9439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9439"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9439",
"url": "https://www.suse.com/security/cve/CVE-2016-9439"
},
{
"category": "external",
"summary": "SUSE Bug 1011288 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011288"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9439"
},
{
"cve": "CVE-2016-9440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9440"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9440",
"url": "https://www.suse.com/security/cve/CVE-2016-9440"
},
{
"category": "external",
"summary": "SUSE Bug 1011289 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011289"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9440"
},
{
"cve": "CVE-2016-9441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9441"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9441",
"url": "https://www.suse.com/security/cve/CVE-2016-9441"
},
{
"category": "external",
"summary": "SUSE Bug 1011290 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011290"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9441"
},
{
"cve": "CVE-2016-9442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9442"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9442",
"url": "https://www.suse.com/security/cve/CVE-2016-9442"
},
{
"category": "external",
"summary": "SUSE Bug 1011291 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011291"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9442"
},
{
"cve": "CVE-2016-9443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9443"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9443",
"url": "https://www.suse.com/security/cve/CVE-2016-9443"
},
{
"category": "external",
"summary": "SUSE Bug 1011292 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011292"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9443"
},
{
"cve": "CVE-2016-9621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9621"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9621",
"url": "https://www.suse.com/security/cve/CVE-2016-9621"
},
{
"category": "external",
"summary": "SUSE Bug 1011278 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011278"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012020 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1012020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9621"
},
{
"cve": "CVE-2016-9622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9622"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9622",
"url": "https://www.suse.com/security/cve/CVE-2016-9622"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012021 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1012021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9622"
},
{
"cve": "CVE-2016-9623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9623"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9623",
"url": "https://www.suse.com/security/cve/CVE-2016-9623"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012022 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1012022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9623"
},
{
"cve": "CVE-2016-9624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9624"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9624",
"url": "https://www.suse.com/security/cve/CVE-2016-9624"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012023 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1012023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9624"
},
{
"cve": "CVE-2016-9625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9625"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9625",
"url": "https://www.suse.com/security/cve/CVE-2016-9625"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012024 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1012024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9625"
},
{
"cve": "CVE-2016-9626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9626"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9626",
"url": "https://www.suse.com/security/cve/CVE-2016-9626"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012025 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1012025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9626"
},
{
"cve": "CVE-2016-9627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9627"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9627",
"url": "https://www.suse.com/security/cve/CVE-2016-9627"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012026 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1012026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9627"
},
{
"cve": "CVE-2016-9628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9628"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9628",
"url": "https://www.suse.com/security/cve/CVE-2016-9628"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012027 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1012027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9628"
},
{
"cve": "CVE-2016-9629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9629"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9629",
"url": "https://www.suse.com/security/cve/CVE-2016-9629"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012028 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1012028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9629"
},
{
"cve": "CVE-2016-9630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9630"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9630",
"url": "https://www.suse.com/security/cve/CVE-2016-9630"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012029 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1012029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9630"
},
{
"cve": "CVE-2016-9631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9631"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9631",
"url": "https://www.suse.com/security/cve/CVE-2016-9631"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012030 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1012030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9631"
},
{
"cve": "CVE-2016-9632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9632"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9632",
"url": "https://www.suse.com/security/cve/CVE-2016-9632"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012031 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1012031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9632"
},
{
"cve": "CVE-2016-9633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9633"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9633",
"url": "https://www.suse.com/security/cve/CVE-2016-9633"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012032 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1012032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:w3m-0.5.3.git20161120-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-07T15:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-9633"
}
]
}
gsd-2016-9632
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-9632",
"description": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"id": "GSD-2016-9632",
"references": [
"https://www.suse.com/security/cve/CVE-2016-9632.html",
"https://ubuntu.com/security/CVE-2016-9632",
"https://advisories.mageia.org/CVE-2016-9632.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-9632"
],
"details": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"id": "GSD-2016-9632",
"modified": "2023-12-13T01:21:21.784936Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tats/w3m/issues/43",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/issues/43"
},
{
"name": "https://github.com/tats/w3m/blob/master/ChangeLog",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tats:w3m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC404FB-B7D2-41DE-934B-E4BA3EF37B75",
"versionEndIncluding": "0.5.3-32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento global del b\u00fafer y ca\u00edda) a trav\u00e9s de una p\u00e1gina HTML manipulada."
}
],
"id": "CVE-2016-9632",
"lastModified": "2023-12-29T18:38:04.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-12-12T02:59:49.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/issues/43"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
opensuse-su-2024:10235-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
w3m-0.5.3.git20161120-1.1 on GA media
Notes
Title of the patch
w3m-0.5.3.git20161120-1.1 on GA media
Description of the patch
These are all security issues fixed in the w3m-0.5.3.git20161120-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10235
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "w3m-0.5.3.git20161120-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the w3m-0.5.3.git20161120-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10235",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10235-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2074 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4929 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9434 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9435 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9436 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9437 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9438 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9439 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9440 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9441 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9442 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9443 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9621 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9622 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9623 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9624 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9625 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9626 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9627 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9628 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9629 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9630 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9631 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9633/"
}
],
"title": "w3m-0.5.3.git20161120-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10235-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-1.1.aarch64",
"product": {
"name": "w3m-0.5.3.git20161120-1.1.aarch64",
"product_id": "w3m-0.5.3.git20161120-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"product": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"product_id": "w3m-inline-image-0.5.3.git20161120-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-1.1.ppc64le",
"product": {
"name": "w3m-0.5.3.git20161120-1.1.ppc64le",
"product_id": "w3m-0.5.3.git20161120-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"product": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"product_id": "w3m-inline-image-0.5.3.git20161120-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-1.1.s390x",
"product": {
"name": "w3m-0.5.3.git20161120-1.1.s390x",
"product_id": "w3m-0.5.3.git20161120-1.1.s390x"
}
},
{
"category": "product_version",
"name": "w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"product": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"product_id": "w3m-inline-image-0.5.3.git20161120-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "w3m-0.5.3.git20161120-1.1.x86_64",
"product": {
"name": "w3m-0.5.3.git20161120-1.1.x86_64",
"product_id": "w3m-0.5.3.git20161120-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "w3m-inline-image-0.5.3.git20161120-1.1.x86_64",
"product": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.x86_64",
"product_id": "w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64"
},
"product_reference": "w3m-0.5.3.git20161120-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le"
},
"product_reference": "w3m-0.5.3.git20161120-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x"
},
"product_reference": "w3m-0.5.3.git20161120-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-0.5.3.git20161120-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64"
},
"product_reference": "w3m-0.5.3.git20161120-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64"
},
"product_reference": "w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le"
},
"product_reference": "w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x"
},
"product_reference": "w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "w3m-inline-image-0.5.3.git20161120-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
},
"product_reference": "w3m-inline-image-0.5.3.git20161120-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-2074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2074"
}
],
"notes": [
{
"category": "general",
"text": "istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a \u0027\\0\u0027 character in a domain name in the (1) subject\u0027s Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2074",
"url": "https://www.suse.com/security/cve/CVE-2010-2074"
},
{
"category": "external",
"summary": "SUSE Bug 609451 for CVE-2010-2074",
"url": "https://bugzilla.suse.com/609451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2074"
},
{
"cve": "CVE-2012-4929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4929"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4929",
"url": "https://www.suse.com/security/cve/CVE-2012-4929"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2012-4929",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 779952 for CVE-2012-4929",
"url": "https://bugzilla.suse.com/779952"
},
{
"category": "external",
"summary": "SUSE Bug 793420 for CVE-2012-4929",
"url": "https://bugzilla.suse.com/793420"
},
{
"category": "external",
"summary": "SUSE Bug 803004 for CVE-2012-4929",
"url": "https://bugzilla.suse.com/803004"
},
{
"category": "external",
"summary": "SUSE Bug 847895 for CVE-2012-4929",
"url": "https://bugzilla.suse.com/847895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2012-4929"
},
{
"cve": "CVE-2016-9434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9434"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9434",
"url": "https://www.suse.com/security/cve/CVE-2016-9434"
},
{
"category": "external",
"summary": "SUSE Bug 1011283 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011283"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9434",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9434"
},
{
"cve": "CVE-2016-9435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9435"
}
],
"notes": [
{
"category": "general",
"text": "The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to \u003cdd\u003e tags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9435",
"url": "https://www.suse.com/security/cve/CVE-2016-9435"
},
{
"category": "external",
"summary": "SUSE Bug 1011284 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011284"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9435",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9435"
},
{
"cve": "CVE-2016-9436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9436"
}
],
"notes": [
{
"category": "general",
"text": "parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a \u003ci\u003e tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9436",
"url": "https://www.suse.com/security/cve/CVE-2016-9436"
},
{
"category": "external",
"summary": "SUSE Bug 1011285 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011285"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9436",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9436"
},
{
"cve": "CVE-2016-9437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9437"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9437",
"url": "https://www.suse.com/security/cve/CVE-2016-9437"
},
{
"category": "external",
"summary": "SUSE Bug 1011286 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011286"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9437",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9437"
},
{
"cve": "CVE-2016-9438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9438"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9438",
"url": "https://www.suse.com/security/cve/CVE-2016-9438"
},
{
"category": "external",
"summary": "SUSE Bug 1011287 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011287"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9438",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9438"
},
{
"cve": "CVE-2016-9439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9439"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9439",
"url": "https://www.suse.com/security/cve/CVE-2016-9439"
},
{
"category": "external",
"summary": "SUSE Bug 1011288 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011288"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9439",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9439"
},
{
"cve": "CVE-2016-9440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9440"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9440",
"url": "https://www.suse.com/security/cve/CVE-2016-9440"
},
{
"category": "external",
"summary": "SUSE Bug 1011289 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011289"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9440",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9440"
},
{
"cve": "CVE-2016-9441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9441"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9441",
"url": "https://www.suse.com/security/cve/CVE-2016-9441"
},
{
"category": "external",
"summary": "SUSE Bug 1011290 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011290"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9441",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9441"
},
{
"cve": "CVE-2016-9442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9442"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9442",
"url": "https://www.suse.com/security/cve/CVE-2016-9442"
},
{
"category": "external",
"summary": "SUSE Bug 1011291 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011291"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9442",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9442"
},
{
"cve": "CVE-2016-9443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9443"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9443",
"url": "https://www.suse.com/security/cve/CVE-2016-9443"
},
{
"category": "external",
"summary": "SUSE Bug 1011292 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011292"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9443",
"url": "https://bugzilla.suse.com/1011293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9443"
},
{
"cve": "CVE-2016-9621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9621"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9621",
"url": "https://www.suse.com/security/cve/CVE-2016-9621"
},
{
"category": "external",
"summary": "SUSE Bug 1011278 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011278"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012020 for CVE-2016-9621",
"url": "https://bugzilla.suse.com/1012020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9621"
},
{
"cve": "CVE-2016-9622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9622"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9622",
"url": "https://www.suse.com/security/cve/CVE-2016-9622"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012021 for CVE-2016-9622",
"url": "https://bugzilla.suse.com/1012021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9622"
},
{
"cve": "CVE-2016-9623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9623"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9623",
"url": "https://www.suse.com/security/cve/CVE-2016-9623"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012022 for CVE-2016-9623",
"url": "https://bugzilla.suse.com/1012022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9623"
},
{
"cve": "CVE-2016-9624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9624"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9624",
"url": "https://www.suse.com/security/cve/CVE-2016-9624"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012023 for CVE-2016-9624",
"url": "https://bugzilla.suse.com/1012023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9624"
},
{
"cve": "CVE-2016-9625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9625"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9625",
"url": "https://www.suse.com/security/cve/CVE-2016-9625"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012024 for CVE-2016-9625",
"url": "https://bugzilla.suse.com/1012024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9625"
},
{
"cve": "CVE-2016-9626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9626"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9626",
"url": "https://www.suse.com/security/cve/CVE-2016-9626"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012025 for CVE-2016-9626",
"url": "https://bugzilla.suse.com/1012025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9626"
},
{
"cve": "CVE-2016-9627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9627"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9627",
"url": "https://www.suse.com/security/cve/CVE-2016-9627"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012026 for CVE-2016-9627",
"url": "https://bugzilla.suse.com/1012026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9627"
},
{
"cve": "CVE-2016-9628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9628"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9628",
"url": "https://www.suse.com/security/cve/CVE-2016-9628"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012027 for CVE-2016-9628",
"url": "https://bugzilla.suse.com/1012027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9628"
},
{
"cve": "CVE-2016-9629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9629"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9629",
"url": "https://www.suse.com/security/cve/CVE-2016-9629"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012028 for CVE-2016-9629",
"url": "https://bugzilla.suse.com/1012028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9629"
},
{
"cve": "CVE-2016-9630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9630"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9630",
"url": "https://www.suse.com/security/cve/CVE-2016-9630"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012029 for CVE-2016-9630",
"url": "https://bugzilla.suse.com/1012029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9630"
},
{
"cve": "CVE-2016-9631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9631"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9631",
"url": "https://www.suse.com/security/cve/CVE-2016-9631"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012030 for CVE-2016-9631",
"url": "https://bugzilla.suse.com/1012030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9631"
},
{
"cve": "CVE-2016-9632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9632"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9632",
"url": "https://www.suse.com/security/cve/CVE-2016-9632"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012031 for CVE-2016-9632",
"url": "https://bugzilla.suse.com/1012031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9632"
},
{
"cve": "CVE-2016-9633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9633"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9633",
"url": "https://www.suse.com/security/cve/CVE-2016-9633"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1012032 for CVE-2016-9633",
"url": "https://bugzilla.suse.com/1012032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-0.5.3.git20161120-1.1.x86_64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.aarch64",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.ppc64le",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.s390x",
"openSUSE Tumbleweed:w3m-inline-image-0.5.3.git20161120-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9633"
}
]
}
fkie_cve-2016-9632
Vulnerability from fkie_nvd
Published
2016-12-12 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/11/24/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://github.com/tats/w3m/blob/master/ChangeLog | Issue Tracking, Patch | |
| cve@mitre.org | https://github.com/tats/w3m/issues/43 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/11/24/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tats/w3m/blob/master/ChangeLog | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tats/w3m/issues/43 | Issue Tracking, Patch |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tats:w3m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC404FB-B7D2-41DE-934B-E4BA3EF37B75",
"versionEndIncluding": "0.5.3-32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en el fork de Tatsuya Kinoshita w3m en versiones anteriores a 0.5.3-33. w3m permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento global del b\u00fafer y ca\u00edda) a trav\u00e9s de una p\u00e1gina HTML manipulada."
}
],
"id": "CVE-2016-9632",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-12-12T02:59:49.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/issues/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/tats/w3m/issues/43"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-g865-vjxw-pg44
Vulnerability from github
Published
2022-05-17 03:21
Modified
2022-05-17 03:21
Severity ?
Details
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2016-9632"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-12-12T02:59:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.",
"id": "GHSA-g865-vjxw-pg44",
"modified": "2022-05-17T03:21:45Z",
"published": "2022-05-17T03:21:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9632"
},
{
"type": "WEB",
"url": "https://github.com/tats/w3m/issues/43"
},
{
"type": "WEB",
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.