CVE-2013-2231

Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2013-1100.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-1101.html	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=980757

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.4.z:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

13 Feb 2023, 04:44

Type	Values Removed	Values Added
References	~~{'url': 'https://access.redhat.com/errata/RHSA-2013:1100', 'name': 'https://access.redhat.com/errata/RHSA-2013:1100', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/security/cve/CVE-2013-2231', 'name': 'https://access.redhat.com/security/cve/CVE-2013-2231', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2013:1101', 'name': 'https://access.redhat.com/errata/RHSA-2013:1101', 'tags': [], 'refsource': 'MISC'}~~
Summary	~~CVE-2013-2231 qemu: qemu-ga win32 service unquoted search path~~	Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

02 Feb 2023, 18:17

Type	Values Removed	Values Added
References		(MISC) https://access.redhat.com/errata/RHSA-2013:1100 - (MISC) https://access.redhat.com/security/cve/CVE-2013-2231 - (MISC) https://access.redhat.com/errata/RHSA-2013:1101 -
Summary	Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.	CVE-2013-2231 qemu: qemu-ga win32 service unquoted search path

Information

Published : 2013-10-01 17:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-2231

Mitre link : CVE-2013-2231

CVE.ORG link : CVE-2013-2231

JSON object : View

Products Affected

redhat

enterprise_linux
enterprise_linux_desktop_supplementary
enterprise_linux_workstation_supplementary
enterprise_linux_server_supplementary

microsoft

windows

CWE

CWE-399

Resource Management Errors

7.2 /10