CVE-2011-2778

EPSS 3.5%

tor - buffer overflow

Published: 12/23/2011Modified: 4/28/2026

Description

Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.

Affected packages (2)

Debian/torfrom 0, < 0.2.2.35-1
Debian/torfrom 0, < 0.2.2.35-1~squeeze+1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2778