2 matches found
CVE-2011-0729
CVE-2011-0729 affects the language-selector D-Bus backend (dbus_backend/ls-dbus-backend) in versions before 0.6.7. The component does not restrict access based on PolicyKit checks, allowing a local user to modify /etc/default/locale and /etc/environment via (1) SetSystemDefaultLangEnv or (2) SetS...
CVE-2011-1842
CVE-2011-1842 affects the language-selector D-Bus backend (dbus_backend/lsd.py) where SetSystemDefaultLangEnv and SetSystemDefaultLanguageEnv do not validate shell-containing arguments, enabling local privilege escalation. The issue is tied to the same underlying flaw as CVE-2011-0729 (policykit ...