CVE-2010-4352
dbus - denial of service
EPSS 0.10%
Description
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
How to fix CVE-2010-4352
To remediate CVE-2010-4352, upgrade the affected package to a fixed version below.
- Debian/dbus—upgrade to 1.2.24-4 or later
- Debian/dbus—upgrade to 1.2.1-5+lenny2 or later
Is CVE-2010-4352 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.2.24-4
- from 0, < 1.2.1-5+lenny2