Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2792

Опубликовано: 25 авг. 2010
Источник: redhat
CVSS2: 3.3
EPSS Низкий

Описание

Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-client) in qspice 0.3.0, and then accessing this socket.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=620350spice-xpi/qspice-client unix socket race

EPSS

Процентиль: 15%
0.00049
Низкий

3.3 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2010-2792

nvd
больше 15 лет назад

Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-client) in qspice 0.3.0, and then accessing this socket.

debian логотип

CVE-2010-2792

debian
больше 15 лет назад

Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox al ...

github логотип

GHSA-jj4v-3jp4-pvcr

github
больше 3 лет назад

Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-client) in qspice 0.3.0, and then accessing this socket.

EPSS

Процентиль: 15%
0.00049
Низкий

3.3 Low

CVSS2