Home > Cyber News > Tor Browser Zero-Day Vulnerability Revealed: Patch Immediately!
CYBER NEWS

Tor Browser Zero-Day Vulnerability Revealed: Patch Immediately!

by   |  Last Update:  |  0 Comments  

Zerodium recently reported the discovery of a new zero-day exploit in Tor browser. The same exploit vendor earlier this year offered $1 million for submitting such an exploit for Tor browser. The new Tor zero-day could reveal the identity of the websites visited by the user.




Zerodium Reveals Tor Browser Zero-Day in a Tweet

Тhe exploit vendor reported the flaw and gave instructions on how it can be reproduced in a tweet posted on Monday. It appears that the recently released Tor Browser 8 is not affected by the zero-day:

Advisory: Tor Browser 7.x has a serious vuln/bugdoor leading to full bypass of Tor / NoScript ‘Safest’ security level (supposed to block all JS). PoC: Set the Content-Type of your html/js page to “text/html;/json” and enjoy full JS pwnage. Newly released Tor 8.x is not affected.

As visible by the tweet, the exploit is about a vulnerability in the Tor browser but in fact it impacts NoScript. NoScript is a well-known Firefox extension which guards users from malicious scripts by allowing JavaScript, Java, and Flash plugins to be executed only on trusted websites. It should be noted that the Tor Browser is based on Firefox’s code, thus it includes NoScript by default.

Zerodium says that NoScript versions 5.0.4 to 5.1.8.6 can be bypasses to run any JS file by altering its content-type header to JSON format. This can happen even when the “Safest” security level is enabled. This means that a website can take advantage of this zero-day to execute malicious JavaScript on Tor browser and to obtain the real IP address of the victim.

Fortunately, the latest version of Tor is not affected by this vulnerability, simply because the NoScript plugin for the Quantum version of Firefox is based upon a different API format. However, users running Tor 7.x are urged to update the browser as soon as possible to the latest release to avoid any compromise.

Finally, NoScript was notified about the issue and fixed the flaw with the release of NoScript “Classic” version 5.1.8.7.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. $1 Million Payout for the Disclosure of an Exclusive Tor Browser Flaw Researchers are not encouraged to find zero-day flaws in the...
  2. iOS Security Worse Than Ever Due to Oversupply of Bugs What is the current state of iOS security? According to...
  3. Company Pays $1.5 Million for iOS 10 Zero-Day Exploit Have you heard of Zerodium? It’s a company that has...
  4. Zerodium Payout for Android Exploits Jumps to $2.5M, iOS Price Drops Zerodium, a “leading exploit acquisition platform for premium zero-days and...
  5. Tor Browser Allows Users to Surf the Web Anonymously Several sources, among which the websites BoingBoing and PCworld, have...
  6. Tor Browser Version 10.0.18 Fixes User Tracking Vulnerability If you are using the Tor Browser, you should get...
  7. The TorMoil Tor Browser Vulnerability Leaks Real IPs, Update Now! Security experts discovered the dangerous TorMoil Tor Browser Vulnerability which...
  8. Windows Zero-Day Revealed on Twitter, Microsoft Data Sharing Service Affected A new zero-day Windows vulnerability has been disclosed via the...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree