{"id":"USN-3214-1","summary":"w3m vulnerabilities","details":"A large number of security issues were discovered in the w3m browser. If a\nuser were tricked into viewing a malicious website, a remote attacker could\nexploit a variety of issues related to web browser security, including\ncross-site scripting attacks, denial of service attacks, and arbitrary code\nexecution.\n","modified":"2026-02-10T04:41:05Z","published":"2017-03-02T14:48:47Z","related":["UBUNTU-CVE-2016-9422","UBUNTU-CVE-2016-9423","UBUNTU-CVE-2016-9424","UBUNTU-CVE-2016-9425","UBUNTU-CVE-2016-9426","UBUNTU-CVE-2016-9428","UBUNTU-CVE-2016-9429","UBUNTU-CVE-2016-9430","UBUNTU-CVE-2016-9431","UBUNTU-CVE-2016-9432","UBUNTU-CVE-2016-9433","UBUNTU-CVE-2016-9434","UBUNTU-CVE-2016-9435","UBUNTU-CVE-2016-9436","UBUNTU-CVE-2016-9437","UBUNTU-CVE-2016-9438","UBUNTU-CVE-2016-9439","UBUNTU-CVE-2016-9440","UBUNTU-CVE-2016-9441","UBUNTU-CVE-2016-9442","UBUNTU-CVE-2016-9443","UBUNTU-CVE-2016-9622","UBUNTU-CVE-2016-9623","UBUNTU-CVE-2016-9624","UBUNTU-CVE-2016-9625","UBUNTU-CVE-2016-9626","UBUNTU-CVE-2016-9627","UBUNTU-CVE-2016-9628","UBUNTU-CVE-2016-9629","UBUNTU-CVE-2016-9630","UBUNTU-CVE-2016-9631","UBUNTU-CVE-2016-9632","UBUNTU-CVE-2016-9633"],"upstream":["CVE-2016-9422","CVE-2016-9423","CVE-2016-9424","CVE-2016-9425","CVE-2016-9426","CVE-2016-9428","CVE-2016-9429","CVE-2016-9430","CVE-2016-9431","CVE-2016-9432","CVE-2016-9433","CVE-2016-9434","CVE-2016-9435","CVE-2016-9436","CVE-2016-9437","CVE-2016-9438","CVE-2016-9439","CVE-2016-9440","CVE-2016-9441","CVE-2016-9442","CVE-2016-9443","CVE-2016-9622","CVE-2016-9623","CVE-2016-9624","CVE-2016-9625","CVE-2016-9626","CVE-2016-9627","CVE-2016-9628","CVE-2016-9629","CVE-2016-9630","CVE-2016-9631","CVE-2016-9632","CVE-2016-9633","UBUNTU-CVE-2016-9422","UBUNTU-CVE-2016-9423","UBUNTU-CVE-2016-9424","UBUNTU-CVE-2016-9425","UBUNTU-CVE-2016-9426","UBUNTU-CVE-2016-9428","UBUNTU-CVE-2016-9429","UBUNTU-CVE-2016-9430","UBUNTU-CVE-2016-9431","UBUNTU-CVE-2016-9432","UBUNTU-CVE-2016-9433","UBUNTU-CVE-2016-9434","UBUNTU-CVE-2016-9435","UBUNTU-CVE-2016-9436","UBUNTU-CVE-2016-9437","UBUNTU-CVE-2016-9438","UBUNTU-CVE-2016-9439","UBUNTU-CVE-2016-9440","UBUNTU-CVE-2016-9441","UBUNTU-CVE-2016-9442","UBUNTU-CVE-2016-9443","UBUNTU-CVE-2016-9622","UBUNTU-CVE-2016-9623","UBUNTU-CVE-2016-9624","UBUNTU-CVE-2016-9625","UBUNTU-CVE-2016-9626","UBUNTU-CVE-2016-9627","UBUNTU-CVE-2016-9628","UBUNTU-CVE-2016-9629","UBUNTU-CVE-2016-9630","UBUNTU-CVE-2016-9631","UBUNTU-CVE-2016-9632","UBUNTU-CVE-2016-9633"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3214-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9422"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9423"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9424"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9425"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9426"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9428"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9429"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9430"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9431"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9432"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9433"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9434"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9435"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9436"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9437"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9438"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9439"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9440"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9441"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9442"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9443"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9622"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9623"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9624"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9625"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9626"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9627"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9628"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9629"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9630"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9631"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9632"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-9633"}],"affected":[{"package":{"name":"w3m","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/w3m@0.5.3-15ubuntu0.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.3-15ubuntu0.1"}]}],"versions":["0.5.3-11","0.5.3-12","0.5.3-13","0.5.3-15"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"0.5.3-15ubuntu0.1","binary_name":"w3m"},{"binary_version":"0.5.3-15ubuntu0.1","binary_name":"w3m-img"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9422"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9423"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9424"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9425"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9426"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9428"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9429"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9430"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9431"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9432"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9433"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9434"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9435"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9436"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9437"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9438"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9439"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9440"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9441"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9442"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2016-9443"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9622"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9623"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9624"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9625"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9626"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9627"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9628"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9629"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9630"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9631"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9632"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2016-9633"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3214-1.json"}}],"schema_version":"1.7.3"}