Vulnerability in Freedesktop Dbus

CVE-2011-2533

The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.

EPSS: 0.000 (9.2th percentile) — read the EPSS interpretation.

Affected products

Freedesktop Dbus — versions 1.2.1, 1.2.3, 1.2.4
N/a — versions n/a

Weakness classification (CWE)

CWE-59 — Improper Link Resolution Before File Access

References

cve@mitre.org (x_refsource_CONFIRM)
dbus-configure-symlink(68173) (vdb-entry, x_refsource_XF)
1025720 (vdb-entry, x_refsource_SECTRACK)