CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 4CVE-2013-0292 – dbus-glib pam_fprintd - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-0292
04 Mar 2013 — The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal. La función dbus_g_proxy_manager_filter en dbus-gproxy en Dbus-glib anterior a v0.100.1 no verifica correctamente el emisor de señales NameOwnerChanged, permitiendo a usuarios locales obtener privilegios a través de una señal falsificada. • https://packetstorm.news/files/id/126864 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2010-1172 – dbus-glib: property access not validated
https://notcve.org/view.php?id=CVE-2010-1172
20 Aug 2010 — DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services. DBus-GLib v0.73 no tiene en cuenta la bandera de acceso en las propiedades GObject exportadas, lo que permite a usuarios locales evitar restricciones de acceso establecidas y posiblemente provocar una ... • http://cgit.freedesktop.org/dbus/dbus-glib/commit/?h=rhel5&id=9a6bce9b615abca6068348c1606ba8eaf13d9ae0 • CWE-264: Permissions, Privileges, and Access Controls •