What is the severity of CVE-2011-2200?

CVE-2011-2200 has a high severity level as it can cause denial of service due to improper handling of non-native byte order.

How do I fix CVE-2011-2200?

To fix CVE-2011-2200, you should update D-Bus to version 1.2.28 or later for the 1.2.x series, 1.4.12 or later for the 1.4.x series, or 1.5.4 or later for the 1.5.x series.

What software versions are affected by CVE-2011-2200?

CVE-2011-2200 affects D-Bus versions prior to 1.2.28, 1.4.12, and 1.5.4.

Can CVE-2011-2200 be exploited remotely?

No, CVE-2011-2200 can only be exploited by local users.

What are the consequences of CVE-2011-2200?

The consequences of CVE-2011-2200 include denial of service, which may result in connection loss.

Vulnerability/
CVE-2011-2200

medium

4.6

CWE

12/6/2011

22/6/2011

6/8/2024

CVE-2011-2200: Input Validation

First published: Sun Jun 12 2011(Updated: )

The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/dbus	<1.1.28	1.1.28
redhat/dbus	<1.4.12	1.4.12
redhat/dbus	<1.5.4	1.5.4
dbus	=1.5.0
dbus	=1.5.2
dbus	=1.4.8
dbus	=1.4.1
dbus	=1.4.0
dbus	=1.4.6
dbus	=1.4.10
dbus	=1.4.4
dbus	=1.2.4.2
dbus	=1.2.1
dbus	=1.2.14
dbus	=1.2.4
dbus	=1.2.4.4
dbus	=1.2.2
dbus	=1.2.10
dbus	=1.2.8
dbus	=1.2.12
dbus	=1.2.26
dbus	=1.2.24
dbus	=1.2.22
dbus	=1.2.4.6
dbus	=1.2.6
dbus	=1.2.20
dbus	=1.2.16
dbus	=1.2.18
dbus	=1.2.3
Freedesktop D-Bus	=1.5.0
Freedesktop D-Bus	=1.5.2
Freedesktop D-Bus	=1.4.0
Freedesktop D-Bus	=1.4.1
Freedesktop D-Bus	=1.4.4
Freedesktop D-Bus	=1.4.6
Freedesktop D-Bus	=1.4.8
Freedesktop D-Bus	=1.4.10
Freedesktop D-Bus	=1.2.1
Freedesktop D-Bus	=1.2.2
Freedesktop D-Bus	=1.2.3
Freedesktop D-Bus	=1.2.4
Freedesktop D-Bus	=1.2.6
Freedesktop D-Bus	=1.2.8
Freedesktop D-Bus	=1.2.10
Freedesktop D-Bus	=1.2.12
Freedesktop D-Bus	=1.2.14
Freedesktop D-Bus	=1.2.16
Freedesktop D-Bus	=1.2.18
Freedesktop D-Bus	=1.2.20
Freedesktop D-Bus	=1.2.22
Freedesktop D-Bus	=1.2.24
Freedesktop D-Bus	=1.2.26

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2200?
CVE-2011-2200 has a high severity level as it can cause denial of service due to improper handling of non-native byte order.
How do I fix CVE-2011-2200?
To fix CVE-2011-2200, you should update D-Bus to version 1.2.28 or later for the 1.2.x series, 1.4.12 or later for the 1.4.x series, or 1.5.4 or later for the 1.5.x series.
What software versions are affected by CVE-2011-2200?
CVE-2011-2200 affects D-Bus versions prior to 1.2.28, 1.4.12, and 1.5.4.
Can CVE-2011-2200 be exploited remotely?
No, CVE-2011-2200 can only be exploited by local users.
What are the consequences of CVE-2011-2200?
The consequences of CVE-2011-2200 include denial of service, which may result in connection loss.

agent/references
agent/type
agent/first-publish-date
agent/remedy
agent/weakness
agent/severity
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-2200
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
agent/author
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
collector/nvd-index
package-manager/redhat
vendor/d-bus project
canonical/dbus
version/dbus/1.5.0
version/dbus/1.5.2
version/dbus/1.4.8
version/dbus/1.4.1
version/dbus/1.4.0
version/dbus/1.4.6
version/dbus/1.4.10
version/dbus/1.4.4
version/dbus/1.2.4.2
version/dbus/1.2.1
version/dbus/1.2.14
version/dbus/1.2.4
version/dbus/1.2.4.4
version/dbus/1.2.2
version/dbus/1.2.10
version/dbus/1.2.8
version/dbus/1.2.12
version/dbus/1.2.26
version/dbus/1.2.24
version/dbus/1.2.22
version/dbus/1.2.4.6
version/dbus/1.2.6
version/dbus/1.2.20
version/dbus/1.2.16
version/dbus/1.2.18
version/dbus/1.2.3
vendor/freedesktop
canonical/freedesktop d-bus
version/freedesktop d-bus/1.5.0
version/freedesktop d-bus/1.5.2
version/freedesktop d-bus/1.4.0
version/freedesktop d-bus/1.4.1
version/freedesktop d-bus/1.4.4
version/freedesktop d-bus/1.4.6
version/freedesktop d-bus/1.4.8
version/freedesktop d-bus/1.4.10
version/freedesktop d-bus/1.2.1
version/freedesktop d-bus/1.2.2
version/freedesktop d-bus/1.2.3
version/freedesktop d-bus/1.2.4
version/freedesktop d-bus/1.2.6
version/freedesktop d-bus/1.2.8
version/freedesktop d-bus/1.2.10
version/freedesktop d-bus/1.2.12
version/freedesktop d-bus/1.2.14
version/freedesktop d-bus/1.2.16
version/freedesktop d-bus/1.2.18
version/freedesktop d-bus/1.2.20
version/freedesktop d-bus/1.2.22
version/freedesktop d-bus/1.2.24
version/freedesktop d-bus/1.2.26

CVE-2011-2200: Input Validation

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2200?

How do I fix CVE-2011-2200?

What software versions are affected by CVE-2011-2200?

Can CVE-2011-2200 be exploited remotely?

What are the consequences of CVE-2011-2200?

Company

Resources

Contact