CVE-2005-0503 - Proper Duties
Description
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications which allows local users to gain privileges.
Reference
http://lists.freedesktop.org/archives/uim/2005-February/000996.html http://www.securityfocus.com/bid/12604 http://secunia.com/advisories/13981 http://www.mandriva.com/security/advisories?name=MDKSA-2005:046