The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
2014-04-07T15:55:04.077
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.9 (MEDIUM)
AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | david_paleino | wicd | ≤ 1.7.1 | Yes |
| Application | david_paleino | wicd | 1.2.7 | Yes |
| Application | david_paleino | wicd | 1.3.1 | Yes |
| Application | david_paleino | wicd | 1.4.0 | Yes |
| Application | david_paleino | wicd | 1.4.1 | Yes |
| Application | david_paleino | wicd | 1.4.2 | Yes |
| Application | david_paleino | wicd | 1.5.0 | Yes |
| Application | david_paleino | wicd | 1.5.1 | Yes |
| Application | david_paleino | wicd | 1.5.2 | Yes |
| Application | david_paleino | wicd | 1.5.3 | Yes |
| Application | david_paleino | wicd | 1.5.4 | Yes |
| Application | david_paleino | wicd | 1.5.5 | Yes |
| Application | david_paleino | wicd | 1.5.6 | Yes |
| Application | david_paleino | wicd | 1.5.7 | Yes |
| Application | david_paleino | wicd | 1.5.8 | Yes |
| Application | david_paleino | wicd | 1.5.9 | Yes |
| Application | david_paleino | wicd | 1.6.0 | Yes |
| Application | david_paleino | wicd | 1.6.2 | Yes |
| Application | david_paleino | wicd | 1.7.0 | Yes |
| Application | david_paleino | wicd | 1.7.1 | Yes |
| Operating System | fedoraproject | fedora | 15 | Yes |
| Operating System | fedoraproject | fedora | 16 | Yes |
| Operating System | fedoraproject | fedora | 17 | Yes |