[tbb-bugs] #12736 [Tor Browser]: DLL hijacking vulnerability in TBB

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Aug 7 04:54:20 UTC 2014

#12736: DLL hijacking vulnerability in TBB
     Reporter:  underdoge    |      Owner:  tbb-team
         Type:  defect       |     Status:  new
     Priority:  major        |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:  tbb-security
Actual Points:               |  Parent ID:
       Points:               |

Comment (by mikeperry):

 Is it our use of the Portable-App style directory layout (where we reset
 env vars for PATH) that triggers this?

 If not, what else does vanilla Firefox do that makes them not vulnerable
 to this attack?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12736#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list