Bug 27737

Summary: w3m security vulnerability CVE-2018-6198
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://nvd.nist.gov/vuln/detail/CVE-2018-6198
Whiteboard:
Source RPM: w3m CVE:
Status comment:

Description Zombie Ryushu 2020-12-04 11:30:16 CET 
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
Comment 1 David Walser 2020-12-04 13:36:41 CET 
Already fixed.

*** This bug has been marked as a duplicate of bug 22504 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED