CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2793

Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.7%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2010-2793

Redhat » Spice-Activex » Version: N/A

cpe:2.3:a:redhat:spice-activex:-
Redhat » Enterprise Virtualization Manager » Version: 2.1

cpe:2.3:o:redhat:enterprise_virtualization_manager:2.1
Redhat » Enterprise Virtualization Manager » Version: 2.2

cpe:2.3:o:redhat:enterprise_virtualization_manager:2.2
Redhat » Enterprise Virtualization Manager » Version: 2.2.3

cpe:2.3:o:redhat:enterprise_virtualization_manager:2.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2793

Products

Pricing

Contact Us