CVE-2013-1993 – Mesa: Multiple integer overflows leading to heap-based bufer overflows
https://notcve.org/view.php?id=CVE-2013-1993
Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions. Múltiples desbordamientos de enteros en X.org libglx en Mesa v9.1.1 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XF86DRIOpenConnection y (2) XF86DRIGetClientDriverName. • http://advisories.mageia.org/MGASA-2013-0190.html http://lists.freedesktop.org/archives/mesa-dev/2013-May/039720.html http://lists.freedesktop.org/archives/mesa-dev/2013-May/039722.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2013-0897.html http://rhn.redhat.com/errata/RHSA-2013-0898.html http://www.debian.org/security/2013/dsa-2678 http://www.mandriva.com/security/advisories?name=MDVSA-2013:181 http://www.openwall • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVE-2001-0474
https://notcve.org/view.php?id=CVE-2001-0474
Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file. • http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3 https://exchange.xforce.ibmcloud.com/vulnerabilities/6231 •