[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-4352Date: (C)2010-12-30   (M)2024-01-04


Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-42580
SECUNIA-42760
SECUNIA-42911
SECUNIA-42960
BID-45377
ADV-2010-3325
ADV-2011-0161
ADV-2011-0178
ADV-2011-0464
DSA-2149
FEDORA-2010-19166
SUSE-SR:2011:004
USN-1044-1
http://openwall.com/lists/oss-security/2010/12/16/3
http://openwall.com/lists/oss-security/2010/12/16/6
http://openwall.com/lists/oss-security/2010/12/21/3
http://cgit.freedesktop.org/dbus/dbus/commit/?id=7d65a3a6ed8815e34a99c680ac3869fde49dbbd4
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://www.remlab.net/op/dbus-variant-recursion.shtml
https://bugs.freedesktop.org/show_bug.cgi?id=32321
https://bugzilla.redhat.com/show_bug.cgi?id=663673
openSUSE-SU-2012:1418

CWE    1
CWE-399
OVAL    9
oval:org.secpod.oval:def:100459
oval:org.secpod.oval:def:102767
oval:org.secpod.oval:def:201456
oval:org.secpod.oval:def:200521
...

© SecPod Technologies