Lucene search
Veracode Vulnerability DatabaseVERACODE:11075HistoryJan 15, 2019 - 8:56 a.m.
Privilege Escalation
2019-01-1508:56:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.0004 Low
EPSS
Percentile
5.1%
QEMU-kvm is vulnerable to privilege escalation. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.
References
rhn.redhat.com/errata/RHSA-2013-1100.html
rhn.redhat.com/errata/RHSA-2013-1101.html
access.redhat.com/errata/RHSA-2013:1100
access.redhat.com/errata/RHSA-2013:1101
access.redhat.com/security/cve/CVE-2013-2231
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=980757
rhn.redhat.com/errata/RHSA-2013-1100.html
Related
nessus
nessus
CentOS 6 : qemu-kvm (CESA-2013:1100)
2013-07-24 00:00:00
Oracle Linux 6 : qemu-kvm (ELSA-2013-1100)
2013-07-23 00:00:00
RHEL 6 : virtio-win (RHSA-2013:1101)
2013-07-23 00:00:00
centos
centos
qemu security update
2013-07-22 20:02:54
oraclelinux
oraclelinux
qemu-kvm security update
2013-07-22 00:00:00
openvas
openvas
CentOS Update for qemu-guest-agent CESA-2013:1100 centos6
2013-08-01 00:00:00
Mageia: Security Advisory (MGASA-2013-0235)
2022-01-28 00:00:00
Oracle: Security Advisory (ELSA-2013-1100)
2015-10-06 00:00:00
redhat
redhat
(RHSA-2013:1100) Important: qemu-kvm security update
2013-07-22 00:00:00
(RHSA-2013:1101) Important: virtio-win security update
2013-07-22 00:00:00
debiancve
debiancve
CVE-2013-2231
2013-10-01 17:55:03
cve
cve
CVE-2013-2231
2013-10-01 17:55:03
cvelist
cvelist
CVE-2013-2231
2013-10-01 17:00:00
mageia
mageia
Updated qemu package fixes CVE-2013-2231
2013-07-26 15:54:55
prion
prion
Design/Logic Flaw
2013-10-01 17:55:00
nvd
nvd
CVE-2013-2231
2013-10-01 17:55:03