CVE-2011-0012

Published: Apr 18, 2011Modified: Apr 29, 2026

3.3

Vector

AV:L/AC:M/Au:N/C:N/I:P/A:P

Exploitability: 3.4 / Impact: 4.9

Source: NVD

Description

The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.

Affected (3)

Products: Redhat: Spice Xpi

Redhat

1 product

Spice Xpi

Configuration A

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Redhat Spice Xpi	Version 2.2
Redhat Spice Xpi	Version 2.3
Redhat Spice Xpi	Version 2.4

Running on/with	Platform Versions
Mozilla Firefox	All versions

Related CWEs

CWE-59

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (10)

http://www.redhat.com/support/errata/RHSA-2011-0426.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/47269

Source: secalert@redhat.com

http://www.securitytracker.com/id?1025304

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/0899

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=639869

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2011-0426.html