2 matches found
CVE-2020-15238
Blueman before 2.1.4 is affected by an argument-injection vulnerability in the DhcpClient D-Bus method of blueman-mechanism. Local attackers may escalate privileges depending on system configuration: with Polkit-1 disabled and versions
CVE-2015-8612
CVE-2015-8612 affects Blueman up to version 2.0.3, where the EnableNetwork() method in the D-Bus interface allows an attacker with local access to escalate privileges via the dhcp_handler argument. The root cause is input unsanitization in a call to eval() on user-provided data, enabling arbitrar...