Vulnerabilities > CVE-2016-3180 - 7PK - Security Features vulnerability in TOR Browser Launcher Project TOR Browser Launcher 0.2.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |