FreeBSD : uim -- privilege escalation vulnerability (1e606080-3293-11da-ac91-020039488e34)
High Nessus Plugin ID 21395
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe uim developers reports :
Masanari Yamamoto discovered that incorrect use of environment variables in uim. This bug causes privilege escalation if setuid/setgid applications was linked to libuim.
This bug appears in 'immodule for Qt' enabled Qt. (Normal Qt is also safe.) In some distribution, mlterm is also an setuid/setgid application.
SolutionUpdate the affected package.