Freedesktop: >> Dbus-Glib Security Vulnerabilities
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
CVSS Score
7.2
EPSS Score
0.003
Published
2013-03-05
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.
CVSS Score
3.6
EPSS Score
0.001
Published
2010-08-20