CVE-2019-12795 is a vulnerability in GNOME Gvfs
Published on June 11, 2019

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-12795

Want to know whenever a new CVE is published for GNOME Gvfs? stack.watch will email you.

GNOME Gvfs

Exploit Probability

EPSS

0.08%

Percentile

24.16%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-12795 is a vulnerability in GNOME GvfsPublished on June 11, 2019

Products Associated with CVE-2019-12795

Exploit Probability

CVE-2019-12795 is a vulnerability in GNOME Gvfs
Published on June 11, 2019