Описание
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Virtualization 3 | spice-vdagent-win | Will not fix | ||
| RHEV-M 3.1 | Fixed | RHSA-2013:0924 | 10.06.2013 | |
| RHEV Manager version 3.2 | rhev-guest-tools-iso | Fixed | RHSA-2013:0925 | 10.06.2013 |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-428
https://bugzilla.redhat.com/show_bug.cgi?id=971172rhevm: spice service unquoted search path
EPSS
Процентиль: 22%
0.00071
Низкий
7.2 High
CVSS2
Связанные уязвимости
nvd
около 12 лет назад
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
github
больше 3 лет назад
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
EPSS
Процентиль: 22%
0.00071
Низкий
7.2 High
CVSS2