CVE-2011-2778

描述

Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.

受影響套件(2)

• Debian/torfrom 0, < 0.2.2.35-1
• Debian/torfrom 0, < 0.2.2.35-1~squeeze+1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2778