Your submission was sent successfully! Close

CVE-2012-4922

Published: 14 September 2012

The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419.

Priority

Unknown

Status

Package Release Status
tor
Launchpad, Ubuntu, Debian
Upstream
Released (0.2.3.22-rc-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.2.3.22-rc-1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.2.3.22-rc-1)