Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration.
CPE | Name | Operator | Version |
---|---|---|---|
vidalia_bundle | le | 0.1.2.17 |