Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-46702

Description

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory.

POC

Reference

- https://www.sciencedirect.com/science/article/pii/S0167404821001358

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Exmak-s/CVE-2021-46702

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/SYRTI/POC_to_review

- https://github.com/WhooAmii/POC_to_review

- https://github.com/malakkf/CVE-2021-46702

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/soosmile/POC

- https://github.com/trhacknon/Pocingit

- https://github.com/zecool/cve