Home

CVE-2017-16541

Description

Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
4.526

Associated Vulnerability

VulnerabilityOS Platform
thunderbird security update(DSA-4327-1) thunderbird_60.2.1-2~deb9u1_i386.debLinux
thunderbird security update(DSA-4327-1) thunderbird_60.2.1-2~deb9u1_amd64.debLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) apache2-mod_nss-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) apache2-mod_nss-debuginfo-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) apache2-mod_nss-debugsource-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfreebl3-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfreebl3-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfreebl3-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfreebl3-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsoftokn3-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsoftokn3-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsoftokn3-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsoftokn3-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nspr-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nspr-32bit-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nspr-debuginfo-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nspr-debuginfo-32bit-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nspr-debugsource-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-certs-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-certs-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-certs-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) libfreebl3-hmac-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) libfreebl3-hmac-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-certs-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-debugsource-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-sysinit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-sysinit-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-sysinit-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-sysinit-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-tools-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) mozilla-nss-tools-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) MozillaFirefox-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) MozillaFirefox-branding-SLE-60-32.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) MozillaFirefox-debuginfo-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) MozillaFirefox-debugsource-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Desktop 12-SP3 ) MozillaFirefox-translations-common-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) libsoftokn3-hmac-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-1(SUSE Linux Enterprise Server 12-SP3 ) libsoftokn3-hmac-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libfreebl3-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libfreebl3-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libfreebl3-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libfreebl3-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) apache2-mod_nss-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) apache2-mod_nss-debuginfo-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) apache2-mod_nss-debugsource-1.0.14-19.6.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsoftokn3-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsoftokn3-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsoftokn3-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsoftokn3-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nspr-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nspr-32bit-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nspr-debuginfo-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nspr-debuginfo-32bit-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nspr-debugsource-4.19-19.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-certs-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-certs-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-certs-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-certs-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-debugsource-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-sysinit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) libfreebl3-hmac-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-sysinit-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) libfreebl3-hmac-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-sysinit-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-sysinit-debuginfo-32bit-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-tools-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) mozilla-nss-tools-debuginfo-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-branding-SLE-60-32.3.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debuginfo-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debugsource-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-translations-common-60.2.2esr-109.46.1.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) libsoftokn3-hmac-3.36.4-58.15.3.x86_64.rpmLinux
SUSE-SU-2018:3591-2(SUSE Linux Enterprise Server 12-SP4 ) libsoftokn3-hmac-32bit-3.36.4-58.15.3.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234