CVE-2012-4419

EPSS 1.6%

Published: 9/14/2012Modified: 4/28/2026

Description

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.

Affected packages (1)

Debian/torfrom 0, < 0.2.3.22-rc-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-4419