CVE-2007-6724

Name of the Vulnerable Software and Affected Versions Vidalia bundle versions prior to 0.1.2.18

Description The issue allows remote attackers to bypass intended access restrictions and modify configuration due to an insecure setting in the Privoxy configuration file. This occurs when Vidalia bundle is running on Windows.

Recommendations For versions prior to 0.1.2.18, update to version 0.1.2.18 or later to resolve the issue. As a temporary workaround, consider modifying the Privoxy configuration file to remove the insecure enable-remote-http-toggle setting. Restrict access to the configuration file to minimize the risk of exploitation.