CVE-2013-0292

2013-03-0521:38:56

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

Percentile

9.8%

JSON

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.

Affected configurations

Nvd

Node

freedesktopdbus-glibRange≤0.100

freedesktopdbus-glibMatch0.72

freedesktopdbus-glibMatch0.73

freedesktopdbus-glibMatch0.74

freedesktopdbus-glibMatch0.76

freedesktopdbus-glibMatch0.78

freedesktopdbus-glibMatch0.80

freedesktopdbus-glibMatch0.82

freedesktopdbus-glibMatch0.84

freedesktopdbus-glibMatch0.86

freedesktopdbus-glibMatch0.88

freedesktopdbus-glibMatch0.90

freedesktopdbus-glibMatch0.92

freedesktopdbus-glibMatch0.94

freedesktopdbus-glibMatch0.96

freedesktopdbus-glibMatch0.98

VendorProductVersionCPE
freedesktopdbus-glib*cpe:2.3:a:freedesktop:dbus-glib:*:*:*:*:*:*:*:*
freedesktopdbus-glib0.72cpe:2.3:a:freedesktop:dbus-glib:0.72:*:*:*:*:*:*:*
freedesktopdbus-glib0.73cpe:2.3:a:freedesktop:dbus-glib:0.73:*:*:*:*:*:*:*
freedesktopdbus-glib0.74cpe:2.3:a:freedesktop:dbus-glib:0.74:*:*:*:*:*:*:*
freedesktopdbus-glib0.76cpe:2.3:a:freedesktop:dbus-glib:0.76:*:*:*:*:*:*:*
freedesktopdbus-glib0.78cpe:2.3:a:freedesktop:dbus-glib:0.78:*:*:*:*:*:*:*
freedesktopdbus-glib0.80cpe:2.3:a:freedesktop:dbus-glib:0.80:*:*:*:*:*:*:*
freedesktopdbus-glib0.82cpe:2.3:a:freedesktop:dbus-glib:0.82:*:*:*:*:*:*:*
freedesktopdbus-glib0.84cpe:2.3:a:freedesktop:dbus-glib:0.84:*:*:*:*:*:*:*
freedesktopdbus-glib0.86cpe:2.3:a:freedesktop:dbus-glib:0.86:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
freedesktop	dbus-glib	*	cpe:2.3:a:freedesktop:dbus-glib::::::::
freedesktop	dbus-glib	0.72	cpe:2.3:a:freedesktop:dbus-glib:0.72:::::::*
freedesktop	dbus-glib	0.73	cpe:2.3:a:freedesktop:dbus-glib:0.73:::::::*
freedesktop	dbus-glib	0.74	cpe:2.3:a:freedesktop:dbus-glib:0.74:::::::*
freedesktop	dbus-glib	0.76	cpe:2.3:a:freedesktop:dbus-glib:0.76:::::::*
freedesktop	dbus-glib	0.78	cpe:2.3:a:freedesktop:dbus-glib:0.78:::::::*
freedesktop	dbus-glib	0.80	cpe:2.3:a:freedesktop:dbus-glib:0.80:::::::*
freedesktop	dbus-glib	0.82	cpe:2.3:a:freedesktop:dbus-glib:0.82:::::::*
freedesktop	dbus-glib	0.84	cpe:2.3:a:freedesktop:dbus-glib:0.84:::::::*
freedesktop	dbus-glib	0.86	cpe:2.3:a:freedesktop:dbus-glib:0.86:::::::*