CVE-2013-1886

Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to viewing certificates.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
redhatcertificate_system
8.1
redhatdogtag_certificate_system
9.0
redhatdogtag_certificate_system
10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/93613
http://rhn.redhat.com/errata/RHSA-2013-0856.html
http://www.securityfocus.com/bid/60085
http://www.securitytracker.com/id/1029685
https://bugzilla.redhat.com/show_bug.cgi?id=924870
http://osvdb.org/93613
http://rhn.redhat.com/errata/RHSA-2013-0856.html
http://www.securityfocus.com/bid/60085
http://www.securitytracker.com/id/1029685
https://bugzilla.redhat.com/show_bug.cgi?id=924870