CVE-2013-0292

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Severity
UNKNOWN
AV:L/AC:L/Au:N/C:C/I:C/A:C
Atk. Vector
LOCAL
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
freedesktopdbus-glib
𝑥
≤ 0.100
freedesktopdbus-glib
0.72
freedesktopdbus-glib
0.73
freedesktopdbus-glib
0.74
freedesktopdbus-glib
0.76
freedesktopdbus-glib
0.78
freedesktopdbus-glib
0.80
freedesktopdbus-glib
0.82
freedesktopdbus-glib
0.84
freedesktopdbus-glib
0.86
freedesktopdbus-glib
0.88
freedesktopdbus-glib
0.90
freedesktopdbus-glib
0.92
freedesktopdbus-glib
0.94
freedesktopdbus-glib
0.96
freedesktopdbus-glib
0.98
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus-glib
bullseye
0.110-6
fixed
sid
0.112-3
fixed
trixie
0.112-3
fixed
bookworm
0.112-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus-glib
quantal
Fixed 0.100-1ubuntu0.1
released
precise
Fixed 0.98-1ubuntu1.1
released
oneiric
Fixed 0.94-4ubuntu0.1
released
lucid
Fixed 0.84-1ubuntu0.3
released
hardy
ignored
References