rpm package
suse/spice&distro=SUSE Linux Enterprise Desktop 12 SP2
pkg:rpm/suse/spice&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9578 | Hig | 7.5 | < 0.12.7-8.1 | 0.12.7-8.1 | Jul 27, 2018 | A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. | |
| CVE-2016-9577 | Hig | 7.5 | < 0.12.7-8.1 | 0.12.7-8.1 | Jul 27, 2018 | A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. | |
| CVE-2017-7506 | Hig | 8.8 | < 0.12.7-10.3.1 | 0.12.7-10.3.1 | Jul 18, 2017 | spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. |
- affected < 0.12.7-8.1fixed 0.12.7-8.1
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
- affected < 0.12.7-8.1fixed 0.12.7-8.1
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
- affected < 0.12.7-10.3.1fixed 0.12.7-10.3.1
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.