cpe:/a:redhat:spice-activex:- cpe:/o:redhat:enterprise_virtualization_manager:2.1 cpe:/o:redhat:enterprise_virtualization_manager:2.2 cpe:/o:redhat:enterprise_virtualization_manager:2.2.3 CVE-2010-2793 2010-12-08T13:00:03.887-05:00 2013-01-16T00:00:00.000-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-12-09T09:01:00.000-05:00 SECTRACK 1024825 BID 45213 REDHAT RHSA-2010:0818 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=620355 Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function.