Uninitialized Values in HTMLtagproc1 Function in w3m

Uninitialized Values in HTMLtagproc1 Function in w3m

CVE-2016-9435 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.

Learn more about our Web Application Penetration Testing UK.