CVE-2016-9442 |
Medium |
Yes |
Denial of service |
A potential heap buffer corruption vulnerability has been discovered due to Strgrow. Note that w3m's allocator (boehmgc) preserves more space than the... |
CVE-2016-9441 |
Medium |
Yes |
Denial of service |
A null pointer dereference problem has been discovered in the do_refill() function triggered by a malformed table_alt tag leading to a segmentation fault... |
CVE-2016-9440 |
Medium |
Yes |
Denial of service |
A null pointer dereference problem has been discovered in the formUpdateBuffer() function leading to a segmentation fault resulting in an application crash. |
CVE-2016-9439 |
Medium |
Yes |
Denial of service |
An infinite recursion problem has been discovered when processing nested table and textarea elements leading to an application crash. |
CVE-2016-9438 |
Medium |
Yes |
Denial of service |
A null pointer dereference problem has been discovered while processing the input_alt tag leading to an application crash. |
CVE-2016-9437 |
High |
Yes |
Arbitrary code execution |
An out of bounds write access has been discovered when using invalid button element type properties like '<button type=radio>'. |
CVE-2016-9436 |
High |
Yes |
Arbitrary code execution |
Multiple issues have been discovered related to uninitialized values for <i> and <dd> HTML elements. A missing null string termination for the tagname... |
CVE-2016-9435 |
High |
Yes |
Arbitrary code execution |
Multiple issues have been discovered related to uninitialized values for <i> and <dd> HTML elements. A missing PUSH_ENV(HTML_DL) call is leading to a... |
CVE-2016-9434 |
Critical |
Yes |
Arbitrary code execution |
An out of bounds write vulnerability has been discovered while handling form_int fields. An incorrect form_int fid is not properly checked and leads to an... |
CVE-2016-9433 |
Medium |
Yes |
Denial of service |
An out of bounds read access has been discovered in the iso2022 parsing while calculating the WC_CCS_INDEX leading to an application crash resulting in... |
CVE-2016-9432 |
High |
Yes |
Arbitrary code execution |
A vulnerability has been discovered in formUpdateBuffer() duo to insufficient bounds validation leading to a negative sized bcopy() call getting converted... |
CVE-2016-9431 |
Critical |
Yes |
Arbitrary code execution |
A stack overflow vulnerability has been discovered in deleteFrameSet() on specially crafted input like a malformed HTML tag. |
CVE-2016-9430 |
Medium |
Yes |
Denial of service |
A problem has been discovered resulting in malformed input field type properties leading to an application crash. |
CVE-2016-9429 |
High |
Yes |
Arbitrary code execution |
An out of bounds write vulnerability has been discovered in formUpdateBuffer() duo to invalid length and position checks. |
CVE-2016-9428 |
High |
Yes |
Arbitrary code execution |
A heap buffer overflow vulnerability has been discovered in addMultirowsForm() duo to an invalid array access resulting in a write to lineBuf[-1]. |
CVE-2016-9426 |
Critical |
Yes |
Arbitrary code execution |
A heap corruption vulnerability has been discovered due to an integer overflow in renderTable() leading to an unexpected write outside the tabwidth array boundaries. |
CVE-2016-9425 |
High |
Yes |
Arbitrary code execution |
A heap buffer overflow vulnerability has been discovered in addMultirowsForm() duo to an invalid array access resulting in a write to lineBuf[-1]. |
CVE-2016-9424 |
High |
Yes |
Arbitrary code execution |
A heap out of bound write has been discovered due to a negative array index for selectnumber and textareanumber. |
CVE-2016-9423 |
Critical |
Yes |
Arbitrary code execution |
A stack overflow vulnerability has been discovered in deleteFrameSet() on specially crafted input like a malformed HTML tag. |
CVE-2016-9422 |
High |
Yes |
Arbitrary code execution |
A problem has been discovered when rowspan and colspan are not at least 1. If either one of them is zero and the other is larger than 1, HTT_X and HTT_Y... |