← Back

Uim

uim

Vendor: Uim • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2005-3149
1Uim
1Uim
Apr 16, 2026
Oct 5, 2005
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to ga...Show more
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.Show less
CVE-2005-0503
2Mandrakesoft
Uim
2Mandrake Linux
Uim
Apr 16, 2026
Feb 21, 2005
N/A· v4
N/A· v3
4.6 MEDIUM· v2
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.