CVE-2012-4922 — Vulnetix

Try Vulnetix Request Demo

CVE-2012-4922 PUBLISHED

Reported by mitre · Published September 14, 2012

The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Sep 12, 2012 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

GLSA-201301-03 vendor-advisoryx_refsource_GENTOO
x_refsource_CONFIRM
x_refsource_CONFIRM
[oss-security] 20120912 CVE id request: tor mailing-listx_refsource_MLIST
FEDORA-2012-14638 vendor-advisoryx_refsource_FEDORA
x_refsource_CONFIRM
[tor-talk] 20120912 Tor 0.2.3.22-rc is out mailing-listx_refsource_MLIST
openSUSE-SU-2012:1278 vendor-advisoryx_refsource_SUSE

Open in Interactive Console →