CVE-2011-4316

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' desktop sessions via unspecified vectors.

🔗 References (10)

• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-1506.html
• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-1508.html
• secalert@redhathttp://www.securityfocus.com/bid/56825
• secalert@redhathttp://www.securitytracker.com/id?1027838
• secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=754876
• af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1506.html
• af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1508.html
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/56825
• af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1027838
• af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=754876