FreeBSD Ports: Ja-uim Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/13981 http://lists.freedesktop.org/pipermail/uim/2005-February/000996.html http://www.vuxml.org/freebsd/fb03b1c6-8a8a-11d9-81f7-02023f003c9f.html

Insight

The following package is affected: ja-uim CVE-2005-0503 uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.

Severity

Classification

CVE CVE-2005-0503
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: acroread7, ja-acroread
FreeBSD Ports: bind
django -- cross-site scripting vulnerability
FreeBSD Ports: bogofilter
avahi -- denial of service

FreeBSD Ports: ja-uim

Take action and discover your vulnerabilities