CVE-2007-4098

EPSS 1.2%

Published: 7/30/2007Modified: 4/28/2026

Description

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.

Affected packages (1)

Debian/torfrom 0, < 0.1.2.15-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-4098