5.8

CVE-2007-4098

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TorTor Version0.1.0.10
TorTor Version0.1.0.11
TorTor Version0.1.0.12
TorTor Version0.1.0.13
TorTor Version0.1.0.14
TorTor Version0.1.0.18
TorTor Version0.1.1.1_alpha
TorTor Version0.1.1.2_alpha
TorTor Version0.1.1.3_alpha
TorTor Version0.1.1.4_alpha
TorTor Version0.1.1.5_alpha
TorTor Version0.1.1.20
TorTor Version0.1.1.23
TorTor Version0.1.2.1_alpha-cvs
TorTor Version0.1.2.14
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.9% 0.769
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:N/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.seul.org/or/announce/Jul-2007/msg00000.html
Patch
http://secunia.com/advisories/26140
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25035
Patch
http://www.vupen.com/english/advisories/2007/2634
http://osvdb.org/46970