CVE-2013-0292 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.2 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 44%

Affected Products (NVD)

Vendor	Product	Version
freedesktop	dbus-glib	𝑥 ≤ 0.100
freedesktop	dbus-glib	0.72
freedesktop	dbus-glib	0.73
freedesktop	dbus-glib	0.74
freedesktop	dbus-glib	0.76
freedesktop	dbus-glib	0.78
freedesktop	dbus-glib	0.80
freedesktop	dbus-glib	0.82
freedesktop	dbus-glib	0.84
freedesktop	dbus-glib	0.86
freedesktop	dbus-glib	0.88
freedesktop	dbus-glib	0.90
freedesktop	dbus-glib	0.92
freedesktop	dbus-glib	0.94
freedesktop	dbus-glib	0.96
freedesktop	dbus-glib	0.98

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

dbus-glib

bookworm	0.112-3 fixed
bullseye	0.110-6 fixed
sid	0.112-3 fixed
trixie	0.112-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

dbus-glib

hardy	ignored
lucid	Fixed 0.84-1ubuntu0.3 released
oneiric	Fixed 0.94-4ubuntu0.1 released
precise	Fixed 0.98-1ubuntu1.1 released
quantal	Fixed 0.100-1ubuntu0.1 released

openSUSE / SLES Releases

openSUSE Product

Release

dbus-1-glib

suse enterprise desktop 15	0.108-1.29 fixed
suse enterprise desktop 15 SP1	0.108-1.29 fixed
suse enterprise desktop 15 SP2	0.108-1.29 fixed
suse enterprise desktop 15 SP3	0.108-1.29 fixed
suse enterprise desktop 15 SP4	0.108-1.29 fixed
suse enterprise desktop 15 SP5	0.108-1.29 fixed
suse enterprise sap 12 SP5	0.100.2-3.58 fixed
suse enterprise sap 15	0.108-1.29 fixed
suse enterprise sap 15 SP1	0.108-1.29 fixed
suse enterprise sap 15 SP2	0.108-1.29 fixed
suse enterprise sap 15 SP3	0.108-1.29 fixed
suse enterprise sap 15 SP4	0.108-1.29 fixed
suse enterprise sap 15 SP5	0.108-1.29 fixed
suse enterprise server 12	0.100.2-3.58 fixed
suse enterprise server 12 SP1	0.100.2-3.58 fixed
suse enterprise server 12 SP2	0.100.2-3.58 fixed
suse enterprise server 12 SP3	0.100.2-3.58 fixed
suse enterprise server 12 SP4	0.100.2-3.58 fixed
suse enterprise server 12 SP5	0.100.2-3.58 fixed
suse enterprise server 15	0.108-1.29 fixed
suse enterprise server 15 SP1	0.108-1.29 fixed
suse enterprise server 15 SP2	0.108-1.29 fixed
suse enterprise server 15 SP3	0.108-1.29 fixed
suse enterprise server 15 SP4	0.108-1.29 fixed
suse enterprise server 15 SP5	0.108-1.29 fixed

dbus-1-glib-32bit

suse enterprise desktop 15	0.108-1.29 fixed
suse enterprise desktop 15 SP1	0.108-1.29 fixed
suse enterprise desktop 15 SP2	0.108-1.29 fixed
suse enterprise desktop 15 SP3	0.108-1.29 fixed
suse enterprise desktop 15 SP4	0.108-1.29 fixed
suse enterprise desktop 15 SP5	0.108-1.29 fixed
suse enterprise sap 12 SP5	0.100.2-3.58 fixed
suse enterprise sap 15	0.108-1.29 fixed
suse enterprise sap 15 SP1	0.108-1.29 fixed
suse enterprise sap 15 SP2	0.108-1.29 fixed
suse enterprise sap 15 SP3	0.108-1.29 fixed
suse enterprise sap 15 SP4	0.108-1.29 fixed
suse enterprise sap 15 SP5	0.108-1.29 fixed
suse enterprise server 12	0.100.2-3.58 fixed
suse enterprise server 12 SP1	0.100.2-3.58 fixed
suse enterprise server 12 SP2	0.100.2-3.58 fixed
suse enterprise server 12 SP3	0.100.2-3.58 fixed
suse enterprise server 12 SP4	0.100.2-3.58 fixed
suse enterprise server 12 SP5	0.100.2-3.58 fixed
suse enterprise server 15	0.108-1.29 fixed
suse enterprise server 15 SP1	0.108-1.29 fixed
suse enterprise server 15 SP2	0.108-1.29 fixed
suse enterprise server 15 SP3	0.108-1.29 fixed
suse enterprise server 15 SP4	0.108-1.29 fixed
suse enterprise server 15 SP5	0.108-1.29 fixed

dbus-1-glib-devel

suse enterprise desktop 15	0.108-1.29 fixed
suse enterprise desktop 15 SP1	0.108-1.29 fixed
suse enterprise desktop 15 SP2	0.108-1.29 fixed
suse enterprise desktop 15 SP3	0.108-1.29 fixed
suse enterprise desktop 15 SP4	0.108-1.29 fixed
suse enterprise desktop 15 SP5	0.108-1.29 fixed
suse enterprise sap 15	0.108-1.29 fixed
suse enterprise sap 15 SP1	0.108-1.29 fixed
suse enterprise sap 15 SP2	0.108-1.29 fixed
suse enterprise sap 15 SP3	0.108-1.29 fixed
suse enterprise sap 15 SP4	0.108-1.29 fixed
suse enterprise sap 15 SP5	0.108-1.29 fixed
suse enterprise server 15	0.108-1.29 fixed
suse enterprise server 15 SP1	0.108-1.29 fixed
suse enterprise server 15 SP2	0.108-1.29 fixed
suse enterprise server 15 SP3	0.108-1.29 fixed
suse enterprise server 15 SP4	0.108-1.29 fixed
suse enterprise server 15 SP5	0.108-1.29 fixed

dbus-1-glib-tool

suse enterprise desktop 15	0.108-1.29 fixed
suse enterprise desktop 15 SP1	0.108-1.29 fixed
suse enterprise desktop 15 SP2	0.108-1.29 fixed
suse enterprise desktop 15 SP3	0.108-1.29 fixed
suse enterprise desktop 15 SP4	0.108-1.29 fixed
suse enterprise desktop 15 SP5	0.108-1.29 fixed
suse enterprise sap 15	0.108-1.29 fixed
suse enterprise sap 15 SP1	0.108-1.29 fixed
suse enterprise sap 15 SP2	0.108-1.29 fixed
suse enterprise sap 15 SP3	0.108-1.29 fixed
suse enterprise sap 15 SP4	0.108-1.29 fixed
suse enterprise sap 15 SP5	0.108-1.29 fixed
suse enterprise server 15	0.108-1.29 fixed
suse enterprise server 15 SP1	0.108-1.29 fixed
suse enterprise server 15 SP2	0.108-1.29 fixed
suse enterprise server 15 SP3	0.108-1.29 fixed
suse enterprise server 15 SP4	0.108-1.29 fixed
suse enterprise server 15 SP5	0.108-1.29 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

dbus-glib

RHEL 6

0:0.86-6.el6_4

fixed

dbus-glib-devel

RHEL 6

0:0.86-6.el6_4

fixed

Known Exploits!

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=911658

http://cgit.freedesktop.org/dbus/dbus-glib/commit/?id=166978a09cf5edff4028e670b6074215a4c75eca

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://osvdb.org/90302

http://rhn.redhat.com/errata/RHSA-2013-0568.html

http://secunia.com/advisories/52225

http://secunia.com/advisories/52375

http://secunia.com/advisories/52404

http://www.exploit-db.com/exploits/33614

http://www.mandriva.com/security/advisories?name=MDVSA-2013:071

http://www.openwall.com/lists/oss-security/2013/02/15/10

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://www.securityfocus.com/bid/57985

http://www.ubuntu.com/usn/USN-1753-1

https://bugs.freedesktop.org/show_bug.cgi?id=60916

https://exchange.xforce.ibmcloud.com/vulnerabilities/82135

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=911658

http://cgit.freedesktop.org/dbus/dbus-glib/commit/?id=166978a09cf5edff4028e670b6074215a4c75eca

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://osvdb.org/90302

http://rhn.redhat.com/errata/RHSA-2013-0568.html

http://secunia.com/advisories/52225

http://secunia.com/advisories/52375

http://secunia.com/advisories/52404

http://www.exploit-db.com/exploits/33614

http://www.mandriva.com/security/advisories?name=MDVSA-2013:071

http://www.openwall.com/lists/oss-security/2013/02/15/10

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://www.securityfocus.com/bid/57985

http://www.ubuntu.com/usn/USN-1753-1

https://bugs.freedesktop.org/show_bug.cgi?id=60916

https://exchange.xforce.ibmcloud.com/vulnerabilities/82135