2005-06-28 04:00:00
mitre
PUBLISHED
D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another users per-user session bus via that socket.