Vulnerabilities > TOR > TOR > 0.2.0.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-01-19 | CVE-2011-0491 | Improper Input Validation vulnerability in TOR The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors." | 5.0 |
2011-01-19 | CVE-2011-0490 | Denial of Service vulnerability in Tor Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages. | 5.0 |
2011-01-19 | CVE-2011-0427 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in TOR Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | 6.8 |
2011-01-19 | CVE-2011-0016 | Resource Management Errors vulnerability in TOR Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process. | 2.1 |
2011-01-19 | CVE-2011-0015 | Improper Input Validation vulnerability in TOR Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor. | 5.0 |
2009-07-10 | CVE-2009-2426 | Remote Security vulnerability in Tor The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. | 5.0 |
2009-03-18 | CVE-2009-0939 | Denial of Service vulnerability in Tor Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. | 10.0 |
2009-03-18 | CVE-2009-0938 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input." | 5.0 |
2009-03-18 | CVE-2009-0937 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. | 5.0 |
2009-03-18 | CVE-2009-0936 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." | 5.0 |