cbcvebase.
CVE-2013-0292
published 2013-03-05

CVE-2013-0292: The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which…

PriorityP335high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.09%
61.2th percentile
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
debiandbus-glib< dbus-glib 0.100.1-1 (bookworm)dbus-glib 0.100.1-1 (bookworm)
freedesktopdbus-glib<= 0.100
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib
freedesktopdbus-glib>= 0 < 0.100.1-10.100.1-1
freedesktopdbus-glib>= 0 < 0.100.1-10.100.1-1
freedesktopdbus-glib>= 0 < 0.100.1-10.100.1-1
freedesktopdbus-glib>= 0 < 0.100.1-10.100.1-1
msrcmicrosoft_word_2013_rt_service_pack_1
msrcmicrosoft_word_2013_service_pack_1
msrcmicrosoft_word_2016
msrcwindows_10

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
vendor_redhat7.2HIGH
vendor_msrc3.6LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.