CVE-2017-16541

high-risk
Published 2017-11-04

Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.

Do I need to act?

~
4.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
NETWORK / LOW complexity

Affected Products (16)

Tor

Affected Vendors

Debian Redhat Torproject

References (30)

Broken Link http://www.securityfocus.com/bid/101665
Broken Link http://www.securitytracker.com/id/1041610
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:2692
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:2693
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3403
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3458
Issue Tracking https://blog.torproject.org/tor-browser-709-released
Exploit https://bugzilla.mozilla.org/show_bug.cgi?id=1412081
Mailing List https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html
Third Party Advisory https://security.gentoo.org/glsa/201810-01
Third Party Advisory https://security.gentoo.org/glsa/201811-13
Issue Tracking https://trac.torproject.org/projects/tor/ticket/24052
Issue Tracking https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-...
Third Party Advisory https://www.debian.org/security/2018/dsa-4327
Issue Tracking https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-se...
Broken Link http://www.securityfocus.com/bid/101665
Broken Link http://www.securitytracker.com/id/1041610
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:2692
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:2693
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3403
and 10 more references
50
/ 100
high-risk
Severity 24/34 · High
Exploitability 8/34 · Low
Exposure 18/34 · Moderate