CVE-2019-12383

Medium

Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by…

mitre·CWE-203·Published 2019-05-28

CVSS

4.3

EPSS

0.02

KEV

Exploits

cve.orgen

214 chars

Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting.

NVDen

214 chars

NVDes

303 chars

Tor Browser anterior de la versión 8.0.1, presenta una vulnerabilidad de exposición de información. Permite a atacantes remotos detectar la interfaz de usuario (UI) local del navegador mediante la medición de el ancho de Buttom, incluso si el usuario tiene una configuración de "Don't send my language".

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N