Freedesktop » Dbus-glib : Security Vulnerabilities, CVEs,
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-03-05
Updated
2017-08-29
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.
Max CVSS
3.6
EPSS Score
0.04%
Published
2010-08-20
Updated
2017-08-17
2 vulnerabilities found