Search for vulnerabilities
Vulnerability details: VCID-3ueb-ahz4-aaae
Vulnerability ID VCID-3ueb-ahz4-aaae
Aliases CVE-2010-4352
Summary Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2011:0376
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2010-4352
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2010-4352
Reference id Reference type URL
http://cgit.freedesktop.org/dbus/dbus/commit/?id=7d65a3a6ed8815e34a99c680ac3869fde49dbbd4
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052550.html
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
http://openwall.com/lists/oss-security/2010/12/16/3
http://openwall.com/lists/oss-security/2010/12/16/6
http://openwall.com/lists/oss-security/2010/12/21/3
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4352.json
https://api.first.org/data/v1/epss?cve=CVE-2010-4352
https://bugs.freedesktop.org/show_bug.cgi?id=32321
https://bugzilla.redhat.com/show_bug.cgi?id=663673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352
http://secunia.com/advisories/42580
http://secunia.com/advisories/42760
http://secunia.com/advisories/42911
http://secunia.com/advisories/42960
http://www.debian.org/security/2011/dsa-2149
http://www.remlab.net/op/dbus-variant-recursion.shtml
http://www.securityfocus.com/bid/45377
http://www.ubuntu.com/usn/USN-1044-1
http://www.vupen.com/english/advisories/2010/3325
http://www.vupen.com/english/advisories/2011/0161
http://www.vupen.com/english/advisories/2011/0178
http://www.vupen.com/english/advisories/2011/0464
cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*
CVE-2010-4352 https://nvd.nist.gov/vuln/detail/CVE-2010-4352
GLSA-201110-14 https://security.gentoo.org/glsa/201110-14
RHSA-2011:0376 https://access.redhat.com/errata/RHSA-2011:0376
USN-1044-1 https://usn.ubuntu.com/1044-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-4352
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.10982
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.