7.2
CVE-2013-0292
- EPSS 1.09%
- Veröffentlicht 05.03.2013 21:38:56
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Freedesktop ≫ Dbus-glib Version <= 0.100
Freedesktop ≫ Dbus-glib Version0.72
Freedesktop ≫ Dbus-glib Version0.73
Freedesktop ≫ Dbus-glib Version0.74
Freedesktop ≫ Dbus-glib Version0.76
Freedesktop ≫ Dbus-glib Version0.78
Freedesktop ≫ Dbus-glib Version0.80
Freedesktop ≫ Dbus-glib Version0.82
Freedesktop ≫ Dbus-glib Version0.84
Freedesktop ≫ Dbus-glib Version0.86
Freedesktop ≫ Dbus-glib Version0.88
Freedesktop ≫ Dbus-glib Version0.90
Freedesktop ≫ Dbus-glib Version0.92
Freedesktop ≫ Dbus-glib Version0.94
Freedesktop ≫ Dbus-glib Version0.96
Freedesktop ≫ Dbus-glib Version0.98
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.09% | 0.61 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=911658
http://cgit.freedesktop.org/dbus/dbus-glib/commit/?id=166978a09cf5edff4028e670b6074215a4c75eca
http://osvdb.org/90302
http://rhn.redhat.com/errata/RHSA-2013-0568.html
http://secunia.com/advisories/52225
http://secunia.com/advisories/52375
http://secunia.com/advisories/52404
http://www.exploit-db.com/exploits/33614
http://www.mandriva.com/security/advisories?name=MDVSA-2013:071
http://www.openwall.com/lists/oss-security/2013/02/15/10
http://www.securityfocus.com/bid/57985
http://www.ubuntu.com/usn/USN-1753-1
https://bugs.freedesktop.org/show_bug.cgi?id=60916
https://exchange.xforce.ibmcloud.com/vulnerabilities/82135