CVE-2011-2200

Published Jun 22, 2011

Last updated a year ago

CVSS info 4.6

Overview

Description: The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFC34AF2-60BD-4D52-8704-B0A4E3B9F35E"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA8D645B-19A4-4AF5-A667-C95F90B8F282"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D95FA2A-9CFB-4B02-A849-36431874AB7C"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE4B9649-3F37-4700-A900-2D0EDFAB1FDB"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70C7FEDA-AE1E-4BD9-8998-9A6C01F80277"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71648B78-E1D4-4F74-B029-F6ECE65E84A7"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD3C815C-E979-45DF-AA05-1A2CAF4DF910"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E72AD88-640C-4B27-9A56-570151667FD5"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.2.4.2:*:*:*:*:*:*:permissive",
            "vulnerable": true,
            "matchCriteriaId": "7EC60852-AB03-4B8D-B5A0-1114863787D6"
          },
          {
            "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.2.4.4:*:*:*:*:*:*:permissive",
            "vulnerable": true,
            "matchCriteriaId": "3B95EA9A-9636-4201-953C-585109E029A5"
          },
          {
            "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.2.4.6:*:*:*:*:*:*:permissive",
            "vulnerable": true,
            "matchCriteriaId": "3715D2CE-2CB4-4097-8515-C8F964DB7461"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90BDF532-871B-4A0B-B536-038545C2339C"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D763F9DE-EC14-4B65-89D4-6F8FDEE90047"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "627AC7FF-614F-4143-B068-129D56F47A0F"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC10415-F373-4C1B-ACD5-BC1D90D60EF7"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FCD6303-8FC9-4B1B-9072-769F37624A8D"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75E0C99C-082B-4D68-97D2-0CC66FDF360E"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DA563AB-1D70-40E5-A758-232C4C9D5C73"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84B75034-C869-4202-AEF1-8BA415D0584F"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E1C08CC-0038-40B0-8D8F-98B64ED6DCCC"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAF59F71-42DA-4E2F-AC3F-C497B74CE485"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36489DA8-B79B-4073-9737-36A1D1BFD42E"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20190232-8F31-4373-9609-BBF8A2534FC1"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEA457CD-A86F-4609-A41B-EC17C278AD39"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9645C83A-B9AE-4199-8BF9-F859D06521CE"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.2.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1700DA29-C87F-4F90-9C8B-62E228C89E22"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References