CVE-2013-2231

2013-10-0117:55:03

Debian Security Bug Tracker

security-tracker.debian.org

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

OSVersionArchitecturePackageVersionFilename
Debian12allqemu< 1:7.2+dfsg-7+deb12u6qemu_1:7.2+dfsg-7+deb12u6_all.deb
Debian11allqemu< 1:5.2+dfsg-11+deb11u3qemu_1:5.2+dfsg-11+deb11u3_all.deb
Debian999allqemu< 1:8.2.5+ds-2qemu_1:8.2.5+ds-2_all.deb
Debian13allqemu< 1:8.2.4+ds-1qemu_1:8.2.4+ds-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	qemu	< 1:7.2+dfsg-7+deb12u6	qemu_1:7.2+dfsg-7+deb12u6_all.deb
Debian	11	all	qemu	< 1:5.2+dfsg-11+deb11u3	qemu_1:5.2+dfsg-11+deb11u3_all.deb
Debian	999	all	qemu	< 1:8.2.5+ds-2	qemu_1:8.2.5+ds-2_all.deb
Debian	13	all	qemu	< 1:8.2.4+ds-1	qemu_1:8.2.4+ds-1_all.deb