An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | spice | < 0.12.5-2.4 | spice-0.12.5-2.4.mga5 |