{"id":"CVE-2005-0503","details":"uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.","modified":"2026-04-10T03:36:55.076842Z","published":"2005-02-21T05:00:00Z","references":[{"type":"ADVISORY","url":"http://lists.freedesktop.org/archives/uim/2005-February/000996.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/13981"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:046"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/12604"},{"type":"FIX","url":"http://secunia.com/advisories/13981"},{"type":"FIX","url":"http://www.securityfocus.com/bid/12604"}],"schema_version":"1.7.5"}