Vulnerability in Redhat Enterprise_virtualization

CVE-2013-2152

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

EPSS: 0.001 (21.8th percentile) — read the EPSS interpretation.

Affected products

Redhat Enterprise_virtualization — versions 3.2
N/a — versions n/a

References

RHSA-2013:0924 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
enterprise-cve20132152-priv-esc(84866) (vdb-entry, x_refsource_XF)
RHSA-2013:0925 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
60475 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_MISC)