|
|
Log in / Subscribe / Register

qspice-client: man-in-the-middle vulnerability

Package(s):qspice-client CVE #(s):CVE-2010-2792
Created:August 25, 2010 Updated:August 26, 2010
Description: From the Red Hat advisory: A race condition was found in the way the SPICE Mozilla Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an attacker-controlled socket, possibly gaining access to authentication details, or resulting in a man-in-the-middle attack on the SPICE connection.
Alerts:
CentOS CESA-2010:0651 spice-xpi 2010-08-25
CentOS CESA-2010:0632 qspice-client 2010-08-25
Red Hat RHSA-2010:0651-01 spice-xpi 2010-08-25
Red Hat RHSA-2010:0632-03 qspice-client 2010-08-25
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds