Security Advisory

CVE-2012-3518

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-26 01:00:00

Last updated 2024-08-06 20:05:12

Assigner redhat

State PUBLISHED

Description

The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.

← Browse all CVEs View on cve.org ↗