ID CVE-2013-2176
Summary Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 29-08-2013 - 12:51)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2013:1122
rpms rhev-guest-tools-iso-0:3.2-12
refmap via4
Last major update 29-08-2013 - 12:51
Published 28-08-2013 - 21:55
Last modified 29-08-2013 - 12:51
Back to Top