Vulnerabilities

CVE-2010-2792

by Fred · 30/08/2010

Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-client) in qspice 0.3.0, and then accessing this socket.

Date published : 2010-08-30

http://www.securityfocus.com/bid/42711

https://bugzilla.redhat.com/show_bug.cgi?id=620350

Related

Tags: Cybersecurity Alert