CVE-2011-2200

2011-06-2200:00:00

ubuntu.com

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON

The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka
DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does
not properly handle a non-native byte order, which allows local users to
cause a denial of service (connection loss), obtain potentially sensitive
information, or conduct unspecified state-modification attacks via crafted
messages.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchdbus< 1.1.20-1ubuntu3.5UNKNOWN
ubuntu10.04noarchdbus< 1.2.16-2ubuntu4.3UNKNOWN
ubuntu10.10noarchdbus< 1.4.0-0ubuntu1.3UNKNOWN
ubuntu11.04noarchdbus< 1.4.6-1ubuntu6.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	dbus	< 1.1.20-1ubuntu3.5	UNKNOWN
ubuntu	10.04	noarch	dbus	< 1.2.16-2ubuntu4.3	UNKNOWN
ubuntu	10.10	noarch	dbus	< 1.4.0-0ubuntu1.3	UNKNOWN
ubuntu	11.04	noarch	dbus	< 1.4.6-1ubuntu6.1	UNKNOWN