Libdbus DBUS_SYSTEM_BUS_ADDRESS Variable Local Privilege Escalation

Libdbus 1.5.x and earlier, when used in setuid processes not clearing the environment variables, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2012-3524
Product Version: 
12.5
Released Date: 
Wednesday, October 24, 2012 - 00:00