Lucene search
HistoryJan 21, 2014 - 6:55 p.m.
CVE-2013-2152
cve-2013-2152
spice service
windows
vulnerability
red hat enterprise virtualization
rhev 3.2
nvd
local users
privileges
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
Affected configurations
Node
redhatenterprise_virtualizationMatch3.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:enterprise_virtualization | redhat enterprise virtualization | eq | 3.2 |
Related
nvd
nvd
CVE-2013-2152
2014-01-21 18:55:09
cvelist
cvelist
CVE-2013-2152
2014-01-21 18:00:00
nessus
nessus
RHEL 7 : spice-vdagent-win (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : rhev-guest-tools-iso (RHSA-2013:0925)
2014-11-08 00:00:00
redhat
redhat
(RHSA-2013:0924) Important: spice-vdagent-win security and bug fix update
2013-06-10 00:00:00
(RHSA-2013:0925) Important: rhev-guest-tools-iso security and bug fix update
2013-06-10 00:00:00
prion
prion
Design/Logic Flaw
2014-01-21 18:55:00
openvas
openvas
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-2152