Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6
CVSSv2

CVE-2011-2520

Published: 21/07/2011 Updated: 21/01/2024
CVSS v2 Base Score: 6 | Impact Score: 10 | Exploitability Score: 1.5
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 534
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Subscribe to System-config-firewall

Vulnerability Summary

fw_dbus.py in system-config-firewall 1.2.29 and previous versions uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat system-config-firewall

fedoraproject fedora 15

References

CWE-502http://www.openwall.com/lists/oss-security/2011/07/18/6http://www.securityfocus.com/bid/48715https://bugzilla.redhat.com/show_bug.cgi?id=717985http://secunia.com/advisories/45294http://securitytracker.com/id?1025793http://www.redhat.com/support/errata/RHSA-2011-0953.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-August/063314.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/68734https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook