fw_dbus.py in system-config-firewall 1.2.29 and previous versions uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat system-config-firewall |
||
fedoraproject fedora 15 |