language-selector vulnerability

2011-04-19T00:00:00
ID USN-1115-1
Type ubuntu
Reporter Ubuntu
Modified 2011-04-19T00:00:00

Description

Romain Perier discovered that the language-selector D-Bus backend did not
correctly check for Policy Kit authorizations. A local attacker could exploit
this to inject shell commands into the system-wide locale configuration file,
leading to root privilege escalation.