CVE-2018-14036 - CERT CVE

  1. CVE-2018-14036

ID CVE-2018-14036
Sažetak Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:S/C:P/I:N/A:N
Zadnje važnije ažuriranje 06-09-2018 - 16:16
Objavljeno 13-07-2018 - 12:29