1.9
CVE-2013-2168
- EPSS 0.38%
- Veröffentlicht 03.07.2013 18:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Freedesktop ≫ Dbus Version1.4.0
Freedesktop ≫ Dbus Version1.4.1
Freedesktop ≫ Dbus Version1.4.4
Freedesktop ≫ Dbus Version1.4.6
Freedesktop ≫ Dbus Version1.4.8
Freedesktop ≫ Dbus Version1.4.10
Freedesktop ≫ Dbus Version1.4.12
Freedesktop ≫ Dbus Version1.4.14
Freedesktop ≫ Dbus Version1.4.16
Freedesktop ≫ Dbus Version1.4.18
Freedesktop ≫ Dbus Version1.4.20
Freedesktop ≫ Dbus Version1.4.24
Freedesktop ≫ Dbus Version1.7.0
Freedesktop ≫ Dbus Version1.7.2
Freedesktop ≫ Dbus Version1.6.0
Freedesktop ≫ Dbus Version1.6.2
Freedesktop ≫ Dbus Version1.6.4
Freedesktop ≫ Dbus Version1.6.6
Freedesktop ≫ Dbus Version1.6.8
Freedesktop ≫ Dbus Version1.6.10
Freedesktop ≫ Dbus Version1.6.16
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.299 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://cgit.freedesktop.org/dbus/dbus/commit/?id=954d75b2b64e4799f360d2a6bf9cff6d9fee37e7
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109896.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/110114.html
http://lists.freedesktop.org/archives/dbus/2013-June/015696.html
http://lists.opensuse.org/opensuse-updates/2013-07/msg00003.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/53317
http://secunia.com/advisories/53832
http://www.debian.org/security/2013/dsa-2707
http://www.mandriva.com/security/advisories?name=MDVSA-2013:177
http://www.openwall.com/lists/oss-security/2013/06/13/2
http://www.securityfocus.com/bid/60546
http://www.securitytracker.com/id/1028667
http://www.ubuntu.com/usn/USN-1874-1
https://bugzilla.redhat.com/show_bug.cgi?id=974109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16881