Privilege Escalation via Spoofed NameOwnerChanged Signals in dbus-glib
CVE-2013-0292 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Learn more about our User Device Pen Test.