Mandrake Linux Security Advisory : uim (MDKSA-2005:046)
Medium Nessus Plugin ID 17215
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionTakumi ASAKI discovered that uim always trusts environment variables which can allow a local attacker to obtain elevated privileges when libuim is linked against an suid/sgid application. This problem is only exploitable in 'immodule for Qt' enabled Qt applications.
The updated packages are patched to fix the problem.
SolutionUpdate the affected packages.