The developers of Tor, an anonymizing overlay network for TCP, found three security issues during a security audit. A heap overflow allowed the execution of arbitrary code , a denial of service vulnerability was found in the zlib compression handling and some key memory was incorrectly zeroed out before being freed. The latter two issues do not yet have CVE identifiers assigned