CVE-2010-1676
tor - potential code execution
EPSS 12.4%
Description
Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
How to fix CVE-2010-1676
To remediate CVE-2010-1676, upgrade the affected package to a fixed version below.
- Debian/tor—upgrade to 0.2.1.26-6 or later
- Debian/tor—upgrade to 0.2.1.26-1~lenny+4 or later
Is CVE-2010-1676 being exploited?
Moderate — EPSS is 12.4%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.2.1.26-6
- from 0, < 0.2.1.26-1~lenny+4