CVE-2001-0474 - Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files

CVE-2001-0474

Summary

Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.

References

Vulnerable Configurations

cpe:2.3:a:brian_paul:mesa:*:*:*:*:*:*:*:*
cpe:2.3:a:brian_paul:mesa:*:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:P/A:N

refmap via4

mandrake	MDKSA-2001:029
xf	mesa-utahglx-symlink(6231)

Last major update

10-10-2017 - 01:29

Published

27-06-2001 - 04:00

Last modified

10-10-2017 - 01:29