Summary
This host is installed with Tor and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.
Impact level: Application
Solution
Upgrade to Tor version 0.2.1.30 or later
http://www.torproject.org/download/download.html.en
Insight
The flaw is caused by an boundary error within the policy_summarize function in Tor, which can be exploited to crash a Tor directory authority.
Affected
Tor version prior to 0.2.1.30 on Windows.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-1924 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities