Unrated severityNVD Advisory· Published Mar 5, 2013· Updated Apr 29, 2026
CVE-2013-0292
CVE-2013-0292
Description
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Affected products
16cpe:2.3:a:freedesktop:dbus-glib:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:freedesktop:dbus-glib:*:*:*:*:*:*:*:*range: <=0.100
- cpe:2.3:a:freedesktop:dbus-glib:0.72:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.73:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.74:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.76:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.78:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.80:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.82:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.84:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.86:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.88:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.94:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.96:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus-glib:0.98:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- cgit.freedesktop.org/dbus/dbus-glib/commit/nvdExploitPatch
- secunia.com/advisories/52225nvdVendor Advisory
- secunia.com/advisories/52404nvdVendor Advisory
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- kb.juniper.net/InfoCenter/indexnvd
- osvdb.org/90302nvd
- rhn.redhat.com/errata/RHSA-2013-0568.htmlnvd
- secunia.com/advisories/52375nvd
- www.exploit-db.com/exploits/33614nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2013/02/15/10nvd
- www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlnvd
- www.securityfocus.com/bid/57985nvd
- www.ubuntu.com/usn/USN-1753-1nvd
- bugs.freedesktop.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/82135nvd
News mentions
0No linked articles in our index yet.