CVE-2006-3409 Information

Description

Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs which result in a buffer overflow when elements are added to smartlists.

Reference

http://secunia.com/advisories/20277 http://secunia.com/advisories/20514 http://security.gentoo.org/glsa/glsa-200606-04.xml http://tor.eff.org/cvs/tor/ChangeLog http://www.securityfocus.com/bid/18323 https://exchange.xforce.ibmcloud.com/vulnerabilities/26795