{"api_version":"1","generated_at":"2026-05-13T00:20:39+00:00","cve":"CVE-2010-1172","urls":{"html":"https://cve.report/CVE-2010-1172","api":"https://cve.report/api/cve/CVE-2010-1172.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-1172","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-1172"},"summary":{"title":"CVE-2010-1172","description":"DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.","state":"PUBLISHED","assigner":"redhat","published_at":"2010-08-20 18:00:02","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"3.6","severity":"","vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://support.avaya.com/css/P8/documents/100113103","name":"http://support.avaya.com/css/P8/documents/100113103","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"ASA-2010-276 (RHSA-2010-0616)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:022","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://cgit.freedesktop.org/dbus/dbus-glib/commit/?h=rhel5&id=9a6bce9b615abca6068348c1606ba8eaf13d9ae0","name":"http://cgit.freedesktop.org/dbus/dbus-glib/commit/?h=rhel5&id=9a6bce9b615abca6068348c1606ba8eaf13d9ae0","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"dbus/dbus-glib - Glib bindings for D-Bus lightweight IPC mechanism  (mirrored from https://gitlab.freedesktop.org/dbus/dbus-glib)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=585394","name":"https://bugzilla.redhat.com/show_bug.cgi?id=585394","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"585394 – (CVE-2010-1172) CVE-2010-1172 dbus-glib: property access not validated","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0616.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0616.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:019","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/42347","name":"http://www.securityfocus.com/bid/42347","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"dbus-glib 'access' Flag Local Denial Of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/40925","name":"http://secunia.com/advisories/40925","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Security Advisory SA40925 - Red Hat update for dbus-glib - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:020","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/40908","name":"http://secunia.com/advisories/40908","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"dbus-glib D-Bus GLib Bindings Property Access Security Bypass - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42397","name":"http://secunia.com/advisories/42397","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SUSE Update for Multiple Packages - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/3097","name":"http://www.vupen.com/english/advisories/2010/3097","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","name":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Juniper Networks - 2015-10 Security Bulletin: CTPView: Multiple Vulnerabilities in CTPView","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/2063","name":"http://www.vupen.com/english/advisories/2010/2063","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61041","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61041","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-1172","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1172","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"1172","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"freedesktop","cpe5":"dbus-glib","cpe6":"0.73","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T01:14:06.579Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"40908","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40908"},{"name":"SUSE-SR:2010:020","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"},{"name":"ADV-2010-2063","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/2063"},{"name":"glib-property-security-bypass(61041)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61041"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://cgit.freedesktop.org/dbus/dbus-glib/commit/?h=rhel5&id=9a6bce9b615abca6068348c1606ba8eaf13d9ae0"},{"name":"SUSE-SR:2010:022","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"},{"name":"40925","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40925"},{"name":"42397","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42397"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.avaya.com/css/P8/documents/100113103"},{"name":"42347","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/42347"},{"name":"ADV-2010-3097","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/3097"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"name":"SUSE-SR:2010:019","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"name":"RHSA-2010:0616","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0616.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=585394"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2010-08-10T00:00:00.000Z","descriptions":[{"lang":"en","value":"DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-16T14:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"40908","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40908"},{"name":"SUSE-SR:2010:020","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"},{"name":"ADV-2010-2063","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/2063"},{"name":"glib-property-security-bypass(61041)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61041"},{"tags":["x_refsource_CONFIRM"],"url":"http://cgit.freedesktop.org/dbus/dbus-glib/commit/?h=rhel5&id=9a6bce9b615abca6068348c1606ba8eaf13d9ae0"},{"name":"SUSE-SR:2010:022","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"},{"name":"40925","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40925"},{"name":"42397","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42397"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.avaya.com/css/P8/documents/100113103"},{"name":"42347","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/42347"},{"name":"ADV-2010-3097","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/3097"},{"tags":["x_refsource_CONFIRM"],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"name":"SUSE-SR:2010:019","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"name":"RHSA-2010:0616","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0616.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=585394"}]}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2010-1172","datePublished":"2010-08-20T17:00:00.000Z","dateReserved":"2010-03-29T00:00:00.000Z","dateUpdated":"2024-08-07T01:14:06.579Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-08-20 18:00:02","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freedesktop:dbus-glib:0.73:*:*:*:*:*:*:*","matchCriteriaId":"4A54D95E-0283-4EAA-8128-A4D8C108A2F7"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"1172","Ordinal":"1","Title":"CVE-2010-1172","CVE":"CVE-2010-1172","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"1172","Ordinal":"1","NoteData":"DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.","Type":"Description","Title":"CVE-2010-1172"},{"CveYear":"2010","CveId":"1172","Ordinal":"2","NoteData":"2010-08-20","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"1172","Ordinal":"3","NoteData":"2017-08-16","Type":"Other","Title":"Modified"}]}}}