Libdbus 1.5.x and earlier, when used in setuid processes not clearing the environment variables, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable.
CVE Link
Exploit Type - Old
Exploits/Local
Exploit Platform
Product Name