CVE-2012-4922

CVSS V2 Medium 5 CVSS V3 None
Description
The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419.
Overview
  • CVE ID
  • CVE-2012-4922
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2012-09-14T18:55:04
  • Last Modified Date
  • 2013-08-22T03:59:11
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:* 1 OR 0.2.2.38
cpe:2.3:a:torproject:tor:0.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre13:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre14:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre15:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre16:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre17:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre18:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre19:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre20:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre21:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre22:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre23:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre24:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre25:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre26:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.2:pre27:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.6.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.6.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.7.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.7.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.7.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.0.9.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.0.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.1.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.1.2.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.0.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.36:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.2.37:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.13:alpha:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.14:alpha:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.15:alpha:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.16:alpha:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.17:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.18:rc:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.19:rc:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.20:rc:*:*:*:*:*:* 1 OR
cpe:2.3:a:torproject:tor:0.2.3.21:rc:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 10:43:20 Added to TrackCVE