CVE-2012-2095

The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.

Published: Apr 7, 2014
Updated: Apr 13, 2023
CVE: CVE-2012-2095
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
fedoraproject / fedora	17	17.x
david_paleino / wicd	1.4.0	1.4.0.x
fedoraproject / fedora	16	16.x
david_paleino / wicd	1.2.7	1.2.7.x
david_paleino / wicd	1.5.7	1.5.7.x
david_paleino / wicd	1.5.8	1.5.8.x
david_paleino / wicd	1.5.3	1.5.3.x
david_paleino / wicd	1.4.2	1.4.2.x
david_paleino / wicd	1.5.2	1.5.2.x
david_paleino / wicd	1.5.4	1.5.4.x
david_paleino / wicd	1.3.1	1.3.1.x
david_paleino / wicd	1.6.2	1.6.2.x
david_paleino / wicd	1.5.9	1.5.9.x
david_paleino / wicd	-	1.7.1.x
david_paleino / wicd	1.6.0	1.6.0.x
david_paleino / wicd	1.7.1-beta3	1.7.1-beta3.x
david_paleino / wicd	1.5.5	1.5.5.x
fedoraproject / fedora	15	15.x
david_paleino / wicd	1.7.0	1.7.0.x
david_paleino / wicd	1.4.1	1.4.1.x
david_paleino / wicd	1.5.0	1.5.0.x
david_paleino / wicd	1.5.1	1.5.1.x
david_paleino / wicd	1.5.6	1.5.6.x

Vulnerability Database

290,476

CVE-2012-2095