Lucene search

K

[email protected]NVD:CVE-2013-2231

HistoryOct 01, 2013 - 5:55 p.m.

CVE-2013-2231

2013-10-0117:55:03

CWE-399

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

Affected configurations

NVD

Node

redhatenterprise_linuxMatch6.0

OR

redhatenterprise_linux_desktop_supplementaryMatch6.0

OR

redhatenterprise_linux_server_supplementaryMatch6.0

OR

redhatenterprise_linux_server_supplementaryMatch6.4

OR

redhatenterprise_linux_server_supplementaryMatch6.4.z

OR

redhatenterprise_linux_workstation_supplementaryMatch6.0

AND

microsoftwindows

References

rhn.redhat.com/errata/RHSA-2013-1100.html

rhn.redhat.com/errata/RHSA-2013-1101.html

bugzilla.redhat.com/show_bug.cgi?id=980757

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for NVD:CVE-2013-2231

nessus5 centos1 oraclelinux1 openvas7 redhat2 debiancve1 veracode1 cve1 cvelist1 mageia1 prion1