USN-3214-1: w3m vulnerabilities

2 March 2017

w3m vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in w3m.

Software Description

• w3m - WWW browsable pager with excellent tables/frames support

Details

A large number of security issues were discovered in the w3m browser. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS

w3m - 0.5.3-15ubuntu0.1

Ubuntu 12.04 LTS

w3m - 0.5.3-5ubuntu1.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2016-9422
• CVE-2016-9423
• CVE-2016-9424
• CVE-2016-9425
• CVE-2016-9426
• CVE-2016-9428
• CVE-2016-9429
• CVE-2016-9430
• CVE-2016-9431
• CVE-2016-9432
• CVE-2016-9433
• CVE-2016-9434
• CVE-2016-9435
• CVE-2016-9436
• CVE-2016-9437
• CVE-2016-9438
• CVE-2016-9439
• CVE-2016-9440
• CVE-2016-9441
• CVE-2016-9442
• CVE-2016-9443
• CVE-2016-9622
• CVE-2016-9623
• CVE-2016-9624
• CVE-2016-9625
• CVE-2016-9626
• CVE-2016-9627
• CVE-2016-9628
• CVE-2016-9629
• CVE-2016-9630
• CVE-2016-9631
• CVE-2016-9632
• CVE-2016-9633