Описание
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration.
Уязвимые конфигурации
Конфигурация 1Версия до 0.1.2.17 (включая)
Одновременно
cpe:2.3:a:vidalia-project:vidalia_bundle:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00167
Низкий
5 Medium
CVSS2
Дефекты
CWE-16
Связанные уязвимости
github
больше 3 лет назад
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration.
EPSS
Процентиль: 38%
0.00167
Низкий
5 Medium
CVSS2
Дефекты
CWE-16