RSS   Vulnerabilities for 'Accountsservice'   RSS

2018-07-13
 
CVE-2018-14036

CWE-22
 

 
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.

 

 >>> Vendor: Freedesktop 23 Products
Poppler
Xdg-utils
Policykit
DBUS
Dbus1.0
Dbus1.1.0
Scratchbox2
Udisks
Dbus-glib
Telepathy gabble
Colord
Systemd
Accountsservice
Libdbus
Spice-gtk
Polkit
Libbsd
Virglrenderer
Libpoppler
Libice
Gst-plugins-bad
Libinput
Freetype demo programs


Copyright 2024, cxsecurity.com

 

Back to Top