3 matches found
CVE-2016-3180
Tor Browser Launcher aka torbrowser-launcher before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature...
CVE-2016-3180
CVE-2016-3180 affects Tor Browser Launcher (torbrowser-launcher) up to version 0.2.3. During the initial run, an attacker could perform a man‑in‑the‑middle to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file with a corresponding signature. This results ...
CVE-2016-3180
Tor Browser Launcher aka torbrowser-launcher before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature...