CVE-2012-4419

Medium

5/10

Summary

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

References

Advisory Timeline

Published Sep 14, 2012

CVE-2012-4419

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS