VYPR
Unrated severityNVD Advisory· Published Dec 8, 2010· Updated Jun 16, 2026

CVE-2010-2793

CVE-2010-2793

Description

Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:redhat:spice-activex:-:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*range: <=2.2.3
    • cpe:2.3:o:redhat:enterprise_virtualization_manager:2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_virtualization_manager:2.2:*:*:*:*:*:*:*
  • Range: <2.2.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.