CVE-2012-4555

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
redhatcertificate_system
𝑥
≤ 8.1.1
redhatcertificate_system
7.1
redhatcertificate_system
7.2
redhatcertificate_system
7.3
redhatcertificate_system
8.0
redhatcertificate_system
8.1
𝑥
= Vulnerable software versions
References
http://rhn.redhat.com/errata/RHSA-2012-1550.html
http://secunia.com/advisories/51482
http://www.securityfocus.com/bid/56843
http://www.securitytracker.com/id?1027846
https://bugzilla.redhat.com/show_bug.cgi?id=869570
http://rhn.redhat.com/errata/RHSA-2012-1550.html
http://secunia.com/advisories/51482
http://www.securityfocus.com/bid/56843
http://www.securitytracker.com/id?1027846
https://bugzilla.redhat.com/show_bug.cgi?id=869570