Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2007-4098

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.

Published: Jul 30, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4098
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:N/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
tor / tor	0.1.1.1_alpha	0.1.1.1_alpha.x
tor / tor	0.1.2.1_alpha-cvs	0.1.2.1_alpha-cvs.x
tor / tor	0.1.0.18	0.1.0.18.x
tor / tor	0.1.1.23	0.1.1.23.x
tor / tor	0.1.0.10	0.1.0.10.x
tor / tor	0.1.0.12	0.1.0.12.x
tor / tor	0.1.1.3_alpha	0.1.1.3_alpha.x
tor / tor	0.1.2.14	0.1.2.14.x
tor / tor	0.1.0.13	0.1.0.13.x
tor / tor	0.1.0.14	0.1.0.14.x
tor / tor	0.1.1.4_alpha	0.1.1.4_alpha.x
tor / tor	0.1.1.2_alpha	0.1.1.2_alpha.x
tor / tor	0.1.1.20	0.1.1.20.x
tor / tor	0.1.1.5_alpha	0.1.1.5_alpha.x
tor / tor	0.1.0.11	0.1.0.11.x