Vulnerability in D-bus_project D-bus

CVE-2010-4352

Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.

EPSS: 0.001 (27.2th percentile) — read the EPSS interpretation.

Affected products

D-bus_project D-bus
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

ADV-2011-0178 (vdb-entry, x_refsource_VUPEN)
[oss-security] 20101216 CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants (mailing-list, x_refsource_MLIST, Exploit, Patch)
openSUSE-SU-2012:1418 (vendor-advisory, x_refsource_SUSE)
FEDORA-2010-19166 (x_refsource_FEDORA, vendor-advisory, Exploit, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
secalert@redhat.com (x_refsource_MISC, Vendor Advisory)
42911 (x_refsource_SECUNIA, third-party-advisory)
[oss-security] 20101221 Re: Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants (mailing-list, x_refsource_MLIST)
42580 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
42960 (x_refsource_SECUNIA, third-party-advisory)