Vulnerabilities > TOR > TOR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-12-23 | CVE-2011-2778 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in TOR Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration. | 7.6 |
| 2008-12-09 | CVE-2008-5397 | Permissions, Privileges, and Access Controls vulnerability in TOR Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process. | 7.2 |
| 2006-07-07 | CVE-2006-3409 | Information Disclosure And Denial of Service vulnerability in Trac Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. | 7.5 |