Vulnerability in Gnome Ifcfg-rh_plug-in
CVE-2011-3364
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users…
EPSS: 0.001 (25.0th percentile) — read the EPSS interpretation.
Affected products
- Gnome Ifcfg-rh_plug-in
- Gnome Networkmanager — versions 0.8.1, 0.9.0, 0.9.1
- N/a — versions n/a
References
- secalert@redhat.com (Exploit, x_refsource_MISC)
- FEDORA-2011-13425 (x_refsource_FEDORA, vendor-advisory)
- secalert@redhat.com (Exploit, Patch, x_refsource_MISC)
- MDVSA-2011:171 (vendor-advisory, x_refsource_MANDRIVA)
- RHSA-2011:1338 (x_refsource_REDHAT, vendor-advisory)