Vulnerability Description
Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Enterprise Linux | 6.0 |
| Redhat | Enterprise Linux Desktop Supplementary | 6.0 |
| Redhat | Enterprise Linux Server Supplementary | 6.0 |
| Redhat | Enterprise Linux Workstation Supplementary | 6.0 |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2013-1100.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-1101.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=980757
- http://rhn.redhat.com/errata/RHSA-2013-1100.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-1101.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=980757
FAQ
What is CVE-2013-2231?
CVE-2013-2231 is a vulnerability with a CVSS score of 7.2 (HIGH). Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6,...
How severe is CVE-2013-2231?
CVE-2013-2231 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2231?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux, Redhat Enterprise Linux Desktop Supplementary, Redhat Enterprise Linux Server Supplementary, Redhat Enterprise Linux Workstation Supplementary, Microsoft Windows.