1 results (0.001 seconds)
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3180
https://notcve.org/view.php?id=CVE-2016-3180
07 Feb 2017 — Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature. Tor Browser Launcher (también conocido como torbrowser-launcher) en versiones anteriores a 0.2.4, durante la ejecución inicial, permite a atacantes man-in-the-middle eludir la verificación de la firma PGP y ejecutar código arbitrario a t... • http://www.securityfocus.com/bid/96140 • CWE-254: 7PK - Security Features •