CVSS: 10.0EPSS: 1%CPEs: 160EXPL: 1CVE-2009-0414
https://notcve.org/view.php?id=CVE-2009-0414
03 Feb 2009 — Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. Vulnerabilidad sin especificar en Tor anterior a v0.2.0.33 tiene un impacto y vectores de ataque desconocidos que lanzan una corrupción de montículo (heap). • http://archives.seul.org/or/announce/Jan-2009/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2008-5397
https://notcve.org/view.php?id=CVE-2008-5397
09 Dec 2008 — Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process. Tor anterior a v0.2.32 no procesa adecuadamente la configuración de las opciones de (1)usuario (User) y (2) Grupo (group), lo que permitiría a usuarios locales obtener privilegios aprovechando la pertenencia a grupos creados por defecto en los procesos de Tor. • http://blog.torproject.org/blog/tor-0.2.0.32-released • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 100EXPL: 0CVE-2008-5398
https://notcve.org/view.php?id=CVE-2008-5398
09 Dec 2008 — Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an internal IP address to the destination hostname of a refused stream. Tor anterior a v0.2.0.32 no procesa adecuadamente la opción de configuración ClientDNSRejectInternalAddresses en situaciones donde una cuestión en la salida de transmisión de una política qu... • http://blog.torproject.org/blog/tor-0.2.0.32-released • CWE-264: Permissions, Privileges, and Access Controls •