CVE-2013-0292

NameCVE-2013-0292
DescriptionThe dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs700638

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dbus-glib (PTS)bullseye0.110-6fixed
bookworm0.112-3fixed
sid, trixie0.112-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dbus-glibsourcesqueeze0.88-2.1+squeeze1
dbus-glibsource(unstable)0.100.1-1high700638
Search for package or bug name: Reporting problems