Vulnerabilities > Torproject > TOR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-01-01 | CVE-2012-5573 | Resource Management Errors vulnerability in Torproject TOR The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass intended flow-control restrictions via a RELAY_COMMAND_SENDME command. | 5.0 |
| 2012-09-14 | CVE-2012-4922 | Improper Input Validation vulnerability in Torproject TOR The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419. | 5.0 |
| 2012-09-14 | CVE-2012-4419 | Unspecified vulnerability in Torproject TOR The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison. | 5.0 |