CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-0939

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile24.07th
Published2009年3月18日
Last Modified2026年4月23日

Vulnerability Description

Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.

Affected Platforms (CPE)

📦
Tor

Tor

<= 0.2.0.33
📦
Tor

Tor

= 0.2.0.1
📦
Tor

Tor

= 0.2.0.2
📦
Tor

Tor

= 0.2.0.3
📦
Tor

Tor

= 0.2.0.4
📦
Tor

Tor

= 0.2.0.5
📦
Tor

Tor

= 0.2.0.6
📦
Tor

Tor

= 0.2.0.10
📦
Tor

Tor

= 0.2.0.11
📦
Tor

Tor

= 0.2.0.12
📦
Tor

Tor

= 0.2.0.13
📦
Tor

Tor

= 0.2.0.14
📦
Tor

Tor

= 0.2.0.15
📦
Tor

Tor

= 0.2.0.16
📦
Tor

Tor

= 0.2.0.17
📦
Tor

Tor

= 0.2.0.18
📦
Tor

Tor

= 0.2.0.19
📦
Tor

Tor

= 0.2.0.20
📦
Tor

Tor

= 0.2.0.21
📦
Tor

Tor

= 0.2.0.22
📦
Tor

Tor

= 0.2.0.23
📦
Tor

Tor

= 0.2.0.24
📦
Tor

Tor

= 0.2.0.25
📦
Tor

Tor

= 0.2.0.26
📦
Tor

Tor

= 0.2.0.27
📦
Tor

Tor

= 0.2.0.28
📦
Tor

Tor

= 0.2.0.29
📦
Tor

Tor

= 0.2.0.30
📦
Tor

Tor

= 0.2.0.31
📦
Tor

Tor

= 0.2.0.32

References & Advisories

🔗 http://archives.seul.org/or/announce/Feb-2009/msg00000.html
🔗 http://secunia.com/advisories/33880
🔗 http://secunia.com/advisories/34583
🔗 http://security.gentoo.org/glsa/glsa-200904-11.xml
🔗 http://www.securityfocus.com/bid/33713
🔗 http://archives.seul.org/or/announce/Feb-2009/msg00000.html
🔗 http://secunia.com/advisories/33880
🔗 http://secunia.com/advisories/34583

相关漏洞威胁

CVE-2010-167610.0

Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of s...

CVE-2009-041410.0

Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.

CVE-2018-169839.8

NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the...

CVE-2008-53989.3

Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exi...