openSUSE Security Update : accountsservice (openSUSE-SU-2012:0845-1)

This update of accountservice fixed a flaw in userchangeiconfileauthorizedcb that could be exploited by local attackers to read arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Mandriva Linux Security Advisory : accountsservice (MDVSA-2013:060)

Updated accountsservice packages fix security vulnerability : Florian Weimer discovered that AccountsService incorrectly handled privileges when copying certain files to the system cache directory. A local attacker could exploit this issue to read arbitrary files, bypassing intended permissions...

Fedora Update for accountsservice FEDORA-2012-10120

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-2737

The userchangeiconfileauthorizedcb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition...

CVE-2012-2737

AccountsService