CVE-2013-0292

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freedesktop:dbus-glib:*:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.72:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.73:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.74:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.76:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.78:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.80:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.82:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.84:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.86:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.88:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.90:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.92:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.94:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.96:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus-glib:0.98:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-03-05 21:38

Updated : 2024-02-04 18:16


NVD link : CVE-2013-0292

Mitre link : CVE-2013-0292

CVE.ORG link : CVE-2013-0292


JSON object : View

Products Affected

freedesktop

  • dbus-glib
CWE
CWE-20

Improper Input Validation