Back to search
CVE-2017-16541
Published: Nov 4, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://trac.torproject.org/projects/tor/ticket/24052
x_refsource_MISC
GLSA-201810-01
vendor-advisory
x_refsource_GENTOO
RHSA-2018:2693
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update
mailing-list
x_refsource_MLIST
GLSA-201811-13
vendor-advisory
x_refsource_GENTOO
DSA-4327
vendor-advisory
x_refsource_DEBIAN
RHSA-2018:3403
vendor-advisory
x_refsource_REDHAT
https://blog.torproject.org/tor-browser-709-released
x_refsource_MISC
1041610
vdb-entry
x_refsource_SECTRACK
101665
vdb-entry
x_refsource_BID
RHSA-2018:2692
vendor-advisory
x_refsource_REDHAT
RHSA-2018:3458
vendor-advisory
x_refsource_REDHAT
https://bugzilla.mozilla.org/show_bug.cgi?id=1412081
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now