CVE-2011-0427

2011-01-1912:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-0427

tor

buffer overflow

denial of service

memory corruption

application crash

remote attackers

nvd

vulnerability

8.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.049 Low

EPSS

Percentile

92.8%

JSON

Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
tor:tortoreq0.2.1.10
tor:tortoreq0.2.2.17
tor:tortoreq0.1.1.6
tor:tortoreq0.2.1.26
tor:tortoreq0.1.1.2
tor:tortoreq0.1.1.9
tor:tortoreq0.0.6.2
tor:tortoreq0.2.2.8
tor:tortoreq0.0.2_pre24
tor:tortoreq0.2.0.30

CPE	Name	Operator	Version
tor:tor	tor	eq	0.2.1.10
tor:tor	tor	eq	0.2.2.17
tor:tor	tor	eq	0.1.1.6
tor:tor	tor	eq	0.2.1.26
tor:tor	tor	eq	0.1.1.2
tor:tor	tor	eq	0.1.1.9
tor:tor	tor	eq	0.0.6.2
tor:tor	tor	eq	0.2.2.8
tor:tor	tor	eq	0.0.2_pre24
tor:tor	tor	eq	0.2.0.30