CVE-2013-2152

EUVD-2013-2117
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
redhatenterprise_virtualization
3.2
𝑥
= Vulnerable software versions
References
http://rhn.redhat.com/errata/RHSA-2013-0924.html
http://rhn.redhat.com/errata/RHSA-2013-0925.html
http://www.securityfocus.com/bid/60475
https://bugzilla.redhat.com/show_bug.cgi?id=971172
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
http://rhn.redhat.com/errata/RHSA-2013-0924.html
http://rhn.redhat.com/errata/RHSA-2013-0925.html
http://www.securityfocus.com/bid/60475
https://bugzilla.redhat.com/show_bug.cgi?id=971172
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866