CVE-2013-2231
qemu: qemu-ga win32 service unquoted search path
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.
Vulnerabilidad de búsqueda de ruta Windows sin entrecomillar en el servicio QEMU GuestAgent para Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, y Workstation Supplementary 6, al instalar Windows, permite a usuarios locales obtener privliegios a través de un programa manipulado en un directorio no especificado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-02-19 CVE Reserved
- 2013-07-22 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-428: Unquoted Search Path or Element
CAPEC
References (4)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1100.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2013-1101.html | 2023-02-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=980757 | 2013-07-22 | |
| https://access.redhat.com/security/cve/CVE-2013-2231 | 2013-07-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Supplementary Search vendor "Redhat" for product "Enterprise Linux Desktop Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop Supplementary" and version "6.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Enterprise Linux Server Supplementary Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" and version "6.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Enterprise Linux Server Supplementary Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" | 6.4 Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" and version "6.4" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Enterprise Linux Server Supplementary Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" | 6.4.z Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" and version "6.4.z" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Supplementary Search vendor "Redhat" for product "Enterprise Linux Workstation Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation Supplementary" and version "6.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|