USN-1351-1: AccountsService vulnerability
31 January 2012
AccountsService could be made to overwrite files as the administrator.
- accountsservice - query and manipulate user account information
Hayawardh Vijayakumar discovered that AccountsService incorrectly handled
privileges when modifying the language settings on Ubuntu. A local attacker
could exploit this issue to modify arbitrary files, and possibly create a
denial of service or obtain increased privileges.