CVE-2016-3180
CVE-2016-3180 affects Tor Browser Launcher (torbrowser-launcher) up to version 0.2.3. During the initial run, an attacker could perform a man‑in‑the‑middle to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file with a corresponding signature. This results ...