Ubuntu Security Notice 967-1 – Ludwig Nussel discovered w3m does not properly handle SSL/TLS certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/92627/USN-967-1.txt
Source: https://packetstormsecurity.com/files/92627/Ubuntu-Security-Notice-967-1.html