Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Redhat spice-xpi usbrdrctl日志文件任意文件覆盖漏洞
Vulnerability Description
SPICE Firefox插件(spice-xpi)2.4,2.3,2.2及其他版本中存在后置链接漏洞。本地用户可以借助usbrdrctl日志文件(包含可预测文件名称)中的符号链接攻击,覆盖任意文件。
CVSS Information
N/A
Vulnerability Type
N/A