Debian Security Advisory DSA 895-1 (uim)

The remote host is missing an update to uim announced via advisory DSA 895-1. Masanari Yamamoto discovered incorrect use of environment variables in uim, a flexible input method collection and library, that could lead to escalated privileges in setuid/setgid applications linked to libuim. Affecte...

Debian: Security Advisory (DSA-895-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-895-1 : uim - programming error

Masanari Yamamoto discovered incorrect use of environment variables in uim, a flexible input method collection and library, that could lead to escalated privileges in setuid/setgid applications linked to libuim. Affected in Debian is at least mlterm. %NASLMINLEVEL 70300 C Tenable Network Security...

Mandrake Linux Security Advisory : uim (MDKSA-2005:198)

Masanari Yamamoto discovered that Uim uses environment variables incorrectly. This bug causes a privilege escalation if setuid/setgid applications are linked to libuim. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...

[SECURITY] [DSA 895-1] New uim packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 895-1 [email protected] http://www.debian.org/security/ Martin Schulze November 14th, 2005 http://www.debian.org/security/faq -...

DSA-895-1 uim - programming error

Bulletin has no description...

DEBIAN-CVE-2005-3149

Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIMVANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges...

uim -- privilege escalation vulnerability

The uim developers reports: Masanari Yamamoto discovered that incorrect use of environment variables in uim. This bug causes privilege escalation if setuid/setgid applications was linked to libuim. This bug appears in 'immodule for Qt' enabled Qt. Normal Qt is also safe. In some distribution,...

CVE-2005-0503

The CVE-2005-0503 issue affects uim (libuim) where environment variables are trusted when linked into setuid/setgid applications, enabling local privilege escalation. Public details from Gentoo GLSA 200502-31 and SUSE/Gentoo advisories specify that only immodule-enabled Qt builds are affected (Qt...

DEBIAN-CVE-2005-0503

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges...