CVE-2013-2168

Severity Score

1.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.

La función _dbus_printf_string_upper_bound en dbus/dbus-sysdeps-unix.c en D-Bus (aka DBus) 1.4.x anterior a 1.4.26, 1.6.x anterior a 1.6.12, y 1.7.x anterior a 1.7.4, permite a usuarios locales provocar una denegación de servicio (caída del servicio) a través de un mensaje manipulado.

*Credits: N/A

CVSS Scores

NISTv2 1.9

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-02-19 CVE Reserved
2013-06-13 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (16)

URL	Tag	Source
http://cgit.freedesktop.org/dbus/dbus/commit/?id=954d75b2b64e4799f360d2a6bf9cff6d9fee37e7	X_refsource_confirm
http://lists.freedesktop.org/archives/dbus/2013-June/015696.html	Mailing List
http://www.openwall.com/lists/oss-security/2013/06/13/2	Mailing List
http://www.securityfocus.com/bid/60546	Vdb Entry
http://www.securitytracker.com/id/1028667	Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=974109	X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16881	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109896.html	2023-12-27
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/110114.html	2023-12-27
http://lists.opensuse.org/opensuse-updates/2013-07/msg00003.html	2023-12-27
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html	2023-12-27
http://secunia.com/advisories/53317	2023-12-27
http://secunia.com/advisories/53832	2023-12-27
http://www.debian.org/security/2013/dsa-2707	2023-12-27
http://www.mandriva.com/security/advisories?name=MDVSA-2013:177	2023-12-27
http://www.ubuntu.com/usn/USN-1874-1	2023-12-27

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.0 Search vendor "Freedesktop" for product "Dbus" and version "1.4.0"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.1 Search vendor "Freedesktop" for product "Dbus" and version "1.4.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.4 Search vendor "Freedesktop" for product "Dbus" and version "1.4.4"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.6 Search vendor "Freedesktop" for product "Dbus" and version "1.4.6"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.8 Search vendor "Freedesktop" for product "Dbus" and version "1.4.8"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.10 Search vendor "Freedesktop" for product "Dbus" and version "1.4.10"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.12 Search vendor "Freedesktop" for product "Dbus" and version "1.4.12"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.14 Search vendor "Freedesktop" for product "Dbus" and version "1.4.14"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.16 Search vendor "Freedesktop" for product "Dbus" and version "1.4.16"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.18 Search vendor "Freedesktop" for product "Dbus" and version "1.4.18"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.20 Search vendor "Freedesktop" for product "Dbus" and version "1.4.20"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.4.24 Search vendor "Freedesktop" for product "Dbus" and version "1.4.24"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.7.0 Search vendor "Freedesktop" for product "Dbus" and version "1.7.0"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.7.2 Search vendor "Freedesktop" for product "Dbus" and version "1.7.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.0 Search vendor "Freedesktop" for product "Dbus" and version "1.6.0"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.2 Search vendor "Freedesktop" for product "Dbus" and version "1.6.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.4 Search vendor "Freedesktop" for product "Dbus" and version "1.6.4"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.6 Search vendor "Freedesktop" for product "Dbus" and version "1.6.6"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.8 Search vendor "Freedesktop" for product "Dbus" and version "1.6.8"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.10 Search vendor "Freedesktop" for product "Dbus" and version "1.6.10"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.6.16 Search vendor "Freedesktop" for product "Dbus" and version "1.6.16"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				12.3 Search vendor "Opensuse" for product "Opensuse" and version "12.3"		-		Affected