6
CVSSv2

CVE-2011-2520

Published: 21/07/2011 Updated: 29/08/2017
CVSS v2 Base Score: 6 | Impact Score: 10 | Exploitability Score: 1.5
VMScore: 534
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Vulnerability Summary

fw_dbus.py in system-config-firewall 1.2.29 and previous versions uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.