Information Disclosure

accountsservice is vulnerable to Information Disclosure. The vulnerability exists in the userchangepasswordauthorizedcb function of user.c, which could let local users obtain encrypted passwords...

Directory Traversal

accountsservice is vulnerable to Directory Traversal. An attacker is able to use ../ sequences because of an insufficient path check in userchangeiconfileauthorizedcb in user.c...

DEBIAN-CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

Code injection

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

CVE-2012-6655

CVE-2012-6655 affects AccountService (accountsservice) 0.6.37, where a flaw in the user_change_password_authorized_cb() function in user.c could allow a local user to obtain encrypted passwords. The connected records confirm the vulnerable component and the root cause, but do not provide a vendor...

Directory traversal

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in userchangeiconfileauthorizedcb in user.c...

CVE-2018-14036

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in userchangeiconfileauthorizedcb in user.c...

CVE-2018-14036

CVE-2018-14036 : Affected component is AccountsService (before 0.6.50) with an insufficient path check in user_change_icon_file_authorized_cb() in user.c, enabling a directory traversal via ../ sequences. Public references in Ubuntu USN-4616-1, SUSE/SUSE-SU advisories, and OpenVAS/Nessus entries ...

AccountsService -- Insufficient path check in user_change_icon_file_authorized_cb()

NVD reports: Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in userchangeiconfileauthorizedcb in user.c...