SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

Accounts Service - (bulletinoct2018)

ID: oval:org.secpod.oval:def:2103414	Date: (C)2019-12-31 (M)2022-10-10
Class: PATCH	Family: unix

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.

Platform:

Sun Solaris 11

Product:

system/library/accountsservice

codec/flac

Reference:

bulletinoct2018

CVE-2018-14036


30479



423868



248038



909



194772



282