Montavista
Got a hot project?  Login
  • NETWORK INFRASTRUCTURE
  • OFFICE AUTOMATION
  • MEDICAL
  • ENGINEERING SERVICES
  • COMPANY

CVE Vulnerabilities
  • CVE-2012
  • CVE-2011
  • CVE-2010
  • CVE-2009
  • CVE-2008
  • CVE-2007
  • CVE-2006
  • CVE-2005
  • CVE-2004
  • CVE-2003
CVE-2012-3524

Severity : Medium
Published : 2012-09-18
Modified : 2013-02-21
Base Score : 6.9
Details : libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
CGE 5.x  
Mobilinux 5.x  
Carrier Grade CGE 6.0  
 
 
 


CVE Vulnerabilities List CVE-2012
CVE-2012-4565CVE-2012-4508CVE-2012-4444CVE-2012-4423
CVE-2012-3524CVE-2012-3511CVE-2012-3509CVE-2012-3417
CVE-2012-3401CVE-2012-3400CVE-2012-2333CVE-2012-2319
CVE-2012-2313CVE-2012-2141CVE-2012-2131CVE-2012-2123
CVE-2012-2111CVE-2012-2110CVE-2012-2100CVE-2012-1667
CVE-2012-1182CVE-2012-1165CVE-2012-1164CVE-2012-1146
CVE-2012-1097CVE-2012-0884CVE-2012-0879CVE-2012-0840
CVE-2012-0815CVE-2012-0814CVE-2012-0061CVE-2012-0060
CVE-2012-0053CVE-2012-0044CVE-2012-0038CVE-2012-0031
CVE-2012-0029CVE-2012-0028CVE-2012-0027


Locations | Careers | Privacy Policy     
© 2013 MontaVista Software, LLC. All Rights Reserved