Computer Security
[EN] securityvulns.ru no-pyccku


Ubuntu AccountsService privilege escalation
Published:09.07.2012
Source:
SecurityVulns ID:12463
Type:local
Threat Level:
5/10
Description:Invalid files caching.
Affected:UBUNTU : accountsservice 0.6
CVE:CVE-2012-2737 (The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.)
Original documentdocumentUBUNTU, [USN-1485-1] AccountsService vulnerability (09.07.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod