CVE-2012-4555

{"id": "CVE-2012-4555", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-01-04T22:55:01.977", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/51482", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/56843", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1027846", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors."}, {"lang": "es", "value": "El sistema de proceso de tokens (pki-tps) en Red Hat Certificate System (RHCS) anteriores a v8.1.3 no manejan de forma adecuada las interrupciones de las operaciones de formateo, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio(desreferencia a puntero NULL y ca\u00edda de proceso hijo del servidor web Apache) a trav\u00e9s de vectores no especificados."}], "lastModified": "2013-01-07T15:41:31.053", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AAB4016-809B-4BF9-875C-18B261050AA9", "versionEndIncluding": "8.1.1"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A94B7103-11B7-4B1E-AE02-86210F9CCCAA"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27FE079E-FB15-443C-BE2E-1D4C940BB8C0"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2654E6A-190C-4D5C-ABC0-89011DD8E293"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2EF75FF-FCDB-433C-A7B9-4DBAABAC6643"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "969F1FDC-EB66-4758-B619-C48CA1E5B1AC"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25F5AA3E-5776-4B66-A2B7-78A95C37581A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}