Privilege Escalation via Spoofed NameOwnerChanged Signals in dbus-glib

Privilege Escalation via Spoofed NameOwnerChanged Signals in dbus-glib

CVE-2013-0292 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.

Learn more about our User Device Pen Test.