[tor-bugs] #12736 [Applications/Tor Browser]: DLL hijacking vulnerability in TBB
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 24 12:44:29 UTC 2016
#12736: DLL hijacking vulnerability in TBB
------------------------------------------------+--------------------------
Reporter: underdoge | Owner: tbb-team
Type: defect | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, TorBrowserTeam201608 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------------------------+--------------------------
Comment (by boklm):
I didn't try to do some debugging yet, but after looking at the HTTPS
Everywhere code, I am wondering if it could be caused by the
NSS.initialize function:
https://gitweb.torproject.org/https-
everywhere.git/tree/src/chrome/content/code/NSS.js?id=7035dde6b76eb8be458d410768188d9cd5d09f89#n28
{{{
try {
sharedLib = tcypes.open(nssPath);
} catch (e) {
}}}
when `nssPath` is empty when called from:
https://gitweb.torproject.org/https-everywhere.git/tree/src/components
/ssl-observatory.js?id=7035dde6b76eb8be458d410768188d9cd5d09f89#n126
{{{
try {
NSS.initialize("");
} catch(e) {
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12736#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list