The Simple Protocol for Independent Computing Environments (SPICE) is vulnerable to Arbitrary Files Overwrite. It was found that the SPICE Firefox plug-in used a predictable name for its log file. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite arbitrary files accessible to the user running Firefox.