Vulnerability Details : CVE-2012-2737
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.
Products affected by CVE-2012-2737
- cpe:2.3:a:ray_stode:accountsservice:*:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.19:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.18:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.17:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.20:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ray_stode:accountsservice:0.6.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-2737
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-2737
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
1.9
|
LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
3.4
|
2.9
|
NIST |
CWE ids for CVE-2012-2737
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2737
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083359.html
[SECURITY] Fedora 17 Update: accountsservice-0.6.21-2.fc17
-
http://cgit.freedesktop.org/accountsservice/commit/?id=27f3d93a82fde4f6c7ab54f3f008af04f93f9c69
accountsservice - D-Bus interface for user account query and manipulation (mirrored from https://gitlab.freedesktop.org/accountsservice/accountsservice)
-
http://cgit.freedesktop.org/accountsservice/commit/?id=bd51aa4cdac380f55d607f4ffdf2ab3c00d08721
accountsservice - D-Bus interface for user account query and manipulation (mirrored from https://gitlab.freedesktop.org/accountsservice/accountsservice)Exploit;Patch
-
http://cgit.freedesktop.org/accountsservice/commit/?id=26213aa0e0d8dca5f36cc23f6942525224cbe9f5
accountsservice - D-Bus interface for user account query and manipulation (mirrored from https://gitlab.freedesktop.org/accountsservice/accountsservice)Exploit;Patch
-
https://bugzilla.redhat.com/show_bug.cgi?id=832532
832532 – (CVE-2012-2737) CVE-2012-2737 accountsservice: local file disclosure flaw
-
http://cgit.freedesktop.org/accountsservice/commit/?id=4c5b12e363410e490e776e4b4a86dcce157a543d
accountsservice - D-Bus interface for user account query and manipulation (mirrored from https://gitlab.freedesktop.org/accountsservice/accountsservice)Exploit;Patch
-
http://www.ubuntu.com/usn/USN-1485-1
USN-1485-1: AccountsService vulnerability | Ubuntu security notices
-
https://hermes.opensuse.org/messages/15100967
openSUSE.org - 503
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/76648
accountsservice user_change_icon_file_authorized_cb() information disclosure CVE-2012-2737 Vulnerability Report
-
http://www.openwall.com/lists/oss-security/2012/06/28/9
oss-security - accountsservice local file disclosure flaw (CVE-2012-2737)
-
http://www.securityfocus.com/bid/54223
AccountsService 'user_change_icon_file_authorized_cb()' Function File Disclosure Vulnerability
Jump to