Uim: Security Vulnerabilities
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-10-05
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-02-21