An issue exists in dbus-broker prior to 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dbus-broker project dbus-broker |