CVE-2013-1886

Redhat Certificate System - Format String Vulnerability

Title source: rule

Description

Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to viewing certificates.

References (5)

[Vendor Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=924870

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-0856.html

[Third Party Advisory, VDB Entry] http://osvdb.org/93613

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029685

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/60085

Scores

EPSS 0.0167

EPSS Percentile 82.2%

Details

CWE

CWE-134

Status published

Products (3)

redhat/certificate_system 8.1

redhat/dogtag_certificate_system 9.0

redhat/dogtag_certificate_system 10.0

Published Jan 24, 2014

Tracked Since Feb 18, 2026