Описание
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3149
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331620
- http://lists.freedesktop.org/pipermail/uim/2005-September/001346.html
- http://lists.freedesktop.org/pipermail/uim/2005-September/001347.html
- http://secunia.com/advisories/17043
- http://secunia.com/advisories/17058
- http://secunia.com/advisories/17572
- http://securitytracker.com/id?1015002
- http://www.debian.org/security/2005/dsa-895
- http://www.gentoo.org/security/en/glsa/glsa-200510-03.xml
- http://www.securityfocus.com/bid/15007
- http://www.vupen.com/english/advisories/2005/1946
- http://www.vupen.com/english/advisories/2005/1947
EPSS
CVE ID
Связанные уязвимости
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handl ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимости операционной системы Debian GNU/Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS