Heap-based Buffer Overflows in Tor: Remote Code Execution and Denial of Service Vulnerabilities

Heap-based Buffer Overflows in Tor: Remote Code Execution and Denial of Service Vulnerabilities

CVE-2011-2778 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.

Learn more about our Web Application Penetration Testing UK.