5

CVE-2012-4922

The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TorprojectTor Version <= 0.2.2.38
TorprojectTor Version0.0.2
TorprojectTor Version0.0.2 Updatepre13
TorprojectTor Version0.0.2 Updatepre14
TorprojectTor Version0.0.2 Updatepre15
TorprojectTor Version0.0.2 Updatepre16
TorprojectTor Version0.0.2 Updatepre17
TorprojectTor Version0.0.2 Updatepre18
TorprojectTor Version0.0.2 Updatepre19
TorprojectTor Version0.0.2 Updatepre20
TorprojectTor Version0.0.2 Updatepre21
TorprojectTor Version0.0.2 Updatepre22
TorprojectTor Version0.0.2 Updatepre23
TorprojectTor Version0.0.2 Updatepre24
TorprojectTor Version0.0.2 Updatepre25
TorprojectTor Version0.0.2 Updatepre26
TorprojectTor Version0.0.2 Updatepre27
TorprojectTor Version0.0.3
TorprojectTor Version0.0.4
TorprojectTor Version0.0.5
TorprojectTor Version0.0.6
TorprojectTor Version0.0.6.1
TorprojectTor Version0.0.6.2
TorprojectTor Version0.0.7
TorprojectTor Version0.0.7.1
TorprojectTor Version0.0.7.2
TorprojectTor Version0.0.7.3
TorprojectTor Version0.0.8.1
TorprojectTor Version0.0.9.1
TorprojectTor Version0.0.9.2
TorprojectTor Version0.0.9.3
TorprojectTor Version0.0.9.4
TorprojectTor Version0.0.9.5
TorprojectTor Version0.0.9.6
TorprojectTor Version0.0.9.7
TorprojectTor Version0.0.9.8
TorprojectTor Version0.0.9.9
TorprojectTor Version0.0.9.10
TorprojectTor Version0.1.0.10
TorprojectTor Version0.1.0.11
TorprojectTor Version0.1.0.12
TorprojectTor Version0.1.0.13
TorprojectTor Version0.1.0.14
TorprojectTor Version0.1.0.15
TorprojectTor Version0.1.0.16
TorprojectTor Version0.1.0.17
TorprojectTor Version0.1.1.20
TorprojectTor Version0.1.1.21
TorprojectTor Version0.1.1.22
TorprojectTor Version0.1.1.23
TorprojectTor Version0.1.1.24
TorprojectTor Version0.1.1.25
TorprojectTor Version0.1.1.26
TorprojectTor Version0.1.2.13
TorprojectTor Version0.1.2.14
TorprojectTor Version0.1.2.15
TorprojectTor Version0.1.2.16
TorprojectTor Version0.1.2.17
TorprojectTor Version0.1.2.18
TorprojectTor Version0.1.2.19
TorprojectTor Version0.2.0.30
TorprojectTor Version0.2.0.31
TorprojectTor Version0.2.0.32
TorprojectTor Version0.2.0.33
TorprojectTor Version0.2.0.34
TorprojectTor Version0.2.0.35
TorprojectTor Version0.2.2.18
TorprojectTor Version0.2.2.19
TorprojectTor Version0.2.2.20
TorprojectTor Version0.2.2.21
TorprojectTor Version0.2.2.22
TorprojectTor Version0.2.2.23
TorprojectTor Version0.2.2.24
TorprojectTor Version0.2.2.25
TorprojectTor Version0.2.2.26
TorprojectTor Version0.2.2.27
TorprojectTor Version0.2.2.28
TorprojectTor Version0.2.2.29
TorprojectTor Version0.2.2.30
TorprojectTor Version0.2.2.31
TorprojectTor Version0.2.2.32
TorprojectTor Version0.2.2.33
TorprojectTor Version0.2.2.34
TorprojectTor Version0.2.2.35
TorprojectTor Version0.2.2.36
TorprojectTor Version0.2.2.37
TorprojectTor Version0.2.3
TorprojectTor Version0.2.3.13 Updatealpha
TorprojectTor Version0.2.3.14 Updatealpha
TorprojectTor Version0.2.3.15 Updatealpha
TorprojectTor Version0.2.3.16 Updatealpha
TorprojectTor Version0.2.3.17 Updatebeta
TorprojectTor Version0.2.3.18 Updaterc
TorprojectTor Version0.2.3.19 Updaterc
TorprojectTor Version0.2.3.20 Updaterc
TorprojectTor Version0.2.3.21 Updaterc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.59% 0.899
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.