CVE-2011-2533

CWE-597 documents7 sources
Severity
3.3LOW
EPSS
0.0%
top 91.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Freedesktop Dbus
Timeline
PublishedJun 22
Latest updateMay 17

Description

The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages2 packages

Debiandbus< 1.3.2~git20100715.821f99c-1+3
NVDfreedesktop/dbus14 versions+13

🔴Vulnerability Details

3
GHSA
GHSA-gh65-c85m-3mv4: The configure script in D-Bus (aka DBus) 12022-05-17
CVEList
CVE-2011-2533: The configure script in D-Bus (aka DBus) 12011-06-22
OSV
CVE-2011-2533: The configure script in D-Bus (aka DBus) 12011-06-22

📋Vendor Advisories

2
Red Hat
dbus: Possibility of symlink attack in /tmp during compilation2011-06-10
Debian
CVE-2011-2533: dbus - The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users ...2011

💬Community

1
Bugzilla
CVE-2011-2533 dbus: Possibility of symlink attack in /tmp during compilation2011-06-23
CVE-2011-2533 (LOW CVSS 3.3) | The configure script in D-Bus (aka | cvebase.io