CVE Vulnerabilities

CVE-2002-1348

Published: Feb 19, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.

Affected Software

Name Vendor Start Version End Version
W3m W3m 0.2 (including) 0.2 (including)
W3m W3m 0.2.1 (including) 0.2.1 (including)
W3m W3m 0.2.2 (including) 0.2.2 (including)
W3m W3m 0.2.3 (including) 0.2.3 (including)
W3m W3m 0.2.4 (including) 0.2.4 (including)
W3m W3m 0.2.5 (including) 0.2.5 (including)
W3m W3m 0.2.5.1 (including) 0.2.5.1 (including)
W3m W3m 0.3 (including) 0.3 (including)
W3m W3m 0.3.1 (including) 0.3.1 (including)
W3m W3m 0.3.2 (including) 0.3.2 (including)
W3m W3m 0.3.2.1 (including) 0.3.2.1 (including)
W3m W3m 0.3.2.2 (including) 0.3.2.2 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Linux 7.0j RedHat *
Red Hat Linux 7.2 RedHat *
Red Hat Linux 7.3 RedHat *
Red Hat Linux 8.0 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References