USN-1115-1: language-selector vulnerability
19 April 2011
Local users could gain root access via the language-selector.
- language-selector - Language selector for Ubuntu Linux
Romain Perier discovered that the language-selector D-Bus backend did not
correctly check for Policy Kit authorizations. A local attacker could exploit
this to inject shell commands into the system-wide locale configuration file,
leading to root privilege escalation.