RSS   Vulnerabilities for 'UIM'   RSS

2005-10-05
 
CVE-2005-3149

 

 
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.

 
2005-02-21
 
CVE-2005-0503

 

 
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.

 


Copyright 2024, cxsecurity.com

 

Back to Top