Vulnerabilities > TOR > TOR > 0.2.0.30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-01-19 | CVE-2011-0491 | Improper Input Validation vulnerability in TOR The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors." | 5.0 |
2011-01-19 | CVE-2011-0490 | Denial of Service vulnerability in Tor Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages. | 5.0 |
2011-01-19 | CVE-2011-0427 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in TOR Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | 6.8 |
2011-01-19 | CVE-2011-0016 | Resource Management Errors vulnerability in TOR Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process. | 2.1 |
2011-01-19 | CVE-2011-0015 | Improper Input Validation vulnerability in TOR Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor. | 5.0 |
2009-03-18 | CVE-2009-0939 | Denial of Service vulnerability in Tor Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. | 10.0 |
2009-03-18 | CVE-2009-0938 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input." | 5.0 |
2009-03-18 | CVE-2009-0937 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. | 5.0 |
2009-03-18 | CVE-2009-0936 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." | 5.0 |
2009-02-20 | CVE-2009-0654 | Remote Security vulnerability in Tor Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. | 5.1 |