CVE-2016-9442 log

Severity Medium
Remote Yes
Type Denial of service
A potential heap buffer corruption vulnerability has been discovered due to Strgrow. Note that w3m's allocator (boehmgc) preserves more space than the required size due to bucketing so the heap shouldn't be corrupted in practice.
Group Package Affected Fixed Severity Status Ticket
AVG-73 w3m 0.5.3.git20160413-1 0.5.3.git20161031-1 Critical Fixed
Date Advisory Group Package Severity Type
18 Nov 2016 ASA-201611-18 AVG-73 w3m Critical multiple issues