Red Hat Bugzilla – Bug 974267
CVE-2013-2176 rhev-m: rhev-apt service unquoted search path
Last modified: 2015-07-31 08:06:49 EDT
An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization Apt service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.
This issue was discovered by Jiri Belka of Red Hat.
This issue has been addressed in following products:
RHEV Manager version 3.2
Via RHSA-2013:1122 https://rhn.redhat.com/errata/RHSA-2013-1122.html