CVE-2012-3524

libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable.  NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
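The mitigation the maintainers describe above, sanitizing the environment before the first libdbus call, as an added example in C (not libdbus, X.org or any distribution's own code). It assumes a setuid/setgid program that would otherwise go on to call dbus_bus_get(); DBUS_SYSTEM_BUS_ADDRESS is the variable named in the CVE text, DBUS_SESSION_BUS_ADDRESS is a standard libdbus variable included on the assumption that a privileged program should not trust a caller-supplied session bus address either, and the socket path is a constructed value.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* libdbus address variables a privileged program must not inherit from
 * its invoker. DBUS_SYSTEM_BUS_ADDRESS is the one named in CVE-2012-3524;
 * DBUS_SESSION_BUS_ADDRESS is added on the assumption that it deserves
 * the same treatment. */
static const char *const DBUS_ADDRESS_VARS[] = {
    "DBUS_SYSTEM_BUS_ADDRESS",
    "DBUS_SESSION_BUS_ADDRESS",
    NULL
};

/* True when the process holds privileges its invoker does not (setuid or
 * setgid), i.e. when the inherited environment is attacker-influenced. */
int crosses_privilege_boundary(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Remove every libdbus address variable from the environment.
 * Returns the number of variables that were present and removed. */
int scrub_dbus_env(void)
{
    int removed = 0;
    for (const char *const *v = DBUS_ADDRESS_VARS; *v != NULL; v++) {
        if (getenv(*v) != NULL && unsetenv(*v) == 0)
            removed++;
    }
    return removed;
}

/* Return 1 if no libdbus address variable remains, 0 otherwise. A
 * privileged program treats this as a precondition for dbus_bus_get()
 * or any other libdbus entry point. */
int dbus_env_is_clean(void)
{
    for (const char *const *v = DBUS_ADDRESS_VARS; *v != NULL; v++) {
        if (getenv(*v) != NULL)
            return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed value standing in for whatever the invoker exported;
     * the program must not trust it regardless of its content. */
    setenv("DBUS_SYSTEM_BUS_ADDRESS", "unix:path=/tmp/constructed-socket", 1);

    if (crosses_privilege_boundary())
        printf("running setuid/setgid: inherited environment is untrusted\n");
    else
        printf("not setuid/setgid here; scrubbing is still harmless\n");

    printf("removed %d libdbus address variable(s)\n", scrub_dbus_env());
    printf("environment clean: %s\n", dbus_env_is_clean() ? "yes" : "no");

    /* Only after this point would a real program make its first libdbus call. */
    return dbus_env_is_clean() ? 0 : 1;
}
```

The scrub runs unconditionally rather than only when crosses_privilege_boundary() is true, because a program that is sometimes installed setuid and sometimes not should behave identically in both cases; the privilege check is kept only to explain in the log why the environment is considered untrusted.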
Provider   Type   Base Score     Atk. Vector   Atk. Complexity   Priv. Required   Vector
NIST       NIST   6.9 UNKNOWN    LOCAL         MEDIUM                             AV:L/AC:M/Au:N/C:C/I:C/A:C
redhat     CNA    ---            ---
CVE        ADP    ---            ---

Base Score (CVSS 3.x): ---
EPSS Score: Percentile 97%
Vendor        Product   Version
freedesktop   libdbus   x  ≤ 1.5.12
freedesktop   libdbus      1.5.0
freedesktop   libdbus      1.5.2
freedesktop   libdbus      1.5.4
freedesktop   libdbus      1.5.6
freedesktop   libdbus      1.5.8
freedesktop   libdbus      1.5.10

x = Vulnerable software versions
Debian Releases

Debian Product   Codename              Version              Status
dbus             bullseye              1.12.28-0+deb11u1    fixed
dbus             squeeze                                    not-affected
dbus             bullseye (security)   1.12.24-0+deb11u1    fixed
dbus             bookworm              1.14.10-1~deb12u1    fixed
dbus             sid                   1.14.10-6            fixed
dbus             trixie                1.14.10-6            fixed
glib2.0          bullseye              2.66.8-1+deb11u4     fixed
glib2.0          squeeze                                    not-affected
glib2.0          bullseye (security)   2.66.8-1+deb11u3     fixed
glib2.0          bookworm              2.74.6-2+deb12u3     fixed
glib2.0          bookworm (security)   2.74.6-2+deb12u2     fixed
glib2.0          sid                   2.82.2-2             fixed
glib2.0          trixie                2.82.2-2             fixed
Ubuntu Releases

Ubuntu Product   Codename   Version                  Status
dbus             precise    Fixed 1.4.18-1ubuntu1.1  released
dbus             oneiric    Fixed 1.4.14-1ubuntu1.1  released
dbus             natty      Fixed 1.4.6-1ubuntu6.2   released
dbus             lucid      Fixed 1.2.16-2ubuntu4.5  released
dbus             hardy      Fixed 1.1.20-1ubuntu3.7  released
Common Weakness Enumeration
References