Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.
CPE | Name | Operator | Version |
---|---|---|---|
tor | eq | 0.2.1.1.14 | |
tor | eq | 0.2.1.10 alpha | |
tor | eq | 0.2.2.17 alpha | |
tor | eq | 0.1.1.6 | |
tor | eq | 0.2.1.26 | |
tor | eq | 0.1.1.2 alpha | |
tor | eq | 0.2.1.1.4 alpha | |
tor | eq | 0.2.1.1.1 alpha | |
tor | eq | 0.1.1.9 | |
tor | eq | 0.0.6.2 |