CVE-2017-16541 — MEDIUM (6.5)

Q: How severe is CVE-2017-16541?

CVE-2017-16541 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-16541?

Check the references section above for vendor advisories and patch information. Affected products include: Torproject Tor, Apple Macos, Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus.

Vulnerability Description

Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Torproject	Tor	< 7.0.9
Apple	Macos	-
Linux	Linux Kernel	-
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Eus	7.5
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Aus	7.6
Redhat	Enterprise Linux Server Tus	7.6
Redhat	Enterprise Linux Workstation	6.0
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-200

References

http://www.securityfocus.com/bid/101665Broken Link
http://www.securitytracker.com/id/1041610Broken Link
https://access.redhat.com/errata/RHSA-2018:2692Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2693Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3403Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3458Third Party Advisory
https://blog.torproject.org/tor-browser-709-releasedIssue TrackingVendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1412081ExploitIssue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2018/11/msg00011.htmlMailing ListThird Party Advisory
https://security.gentoo.org/glsa/201810-01Third Party Advisory
https://security.gentoo.org/glsa/201811-13Third Party Advisory
https://trac.torproject.org/projects/tor/ticket/24052Issue TrackingVendor Advisory
https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-Issue TrackingThird Party Advisory
https://www.debian.org/security/2018/dsa-4327Third Party Advisory
https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-seIssue TrackingThird Party Advisory

FAQ

What is CVE-2017-16541?

CVE-2017-16541 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages fi...

How severe is CVE-2017-16541?

CVE-2017-16541 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-16541?

Check the references section above for vendor advisories and patch information. Affected products include: Torproject Tor, Apple Macos, Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus.