Oval Definition:	oval:com.ubuntu.precise:def:20122737000
Revision Date: 2012-07-22 Version: 1 Title: CVE-2012-2737 on Ubuntu 12.04 LTS (precise) - medium. Description: The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition. Family: unix Class: vulnerability Status: Reference(s): CVE-2012-2737 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'accountsservice' package in precise was vulnerable but has been fixed (note: '0.6.15-2ubuntu9.1').
BACK