MiracleLinux 7 : spice-0.12.4-15.el7.1 (AXSA:2016-469:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-469:01 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a...

MiracleLinux 4 : spice-server-0.12.4-13.AXS4.1 (AXSA:2016-468:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-468:02 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a...

Linux Distros Unpatched Vulnerability : CVE-2016-0749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The smartcard interaction in SPICE allows remote attackers to cause a denial of service QEMU-KVM process crash or possibly execute arbitrary code via vectors...

SUSE: Security Advisory (SUSE-SU-2016:1561-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1559-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for spice FEDORA-2016-a7322c9fd1

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : spice (2016-a7322c9fd1)

Update to new 0.12.8 upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

Fedora 24 : spice (2016-6b9c658707)

Update to upstream 0.12.8 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

openSUSE Security Update : spice (openSUSE-2016-824)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: SPICE allowed local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261 boo982385. - CVE-2016-0749: The...

openSUSE Security Update : spice (openSUSE-2016-823)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: SPICE allowed local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261 boo982385. - CVE-2016-0749: The...

USN-3014-1: Spice vulnerabilities

Jing Zhao discovered that the Spice smartcard support incorrectly handled memory. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 15.10 and Ubuntu 16.04 LTS. CVE-2016-0749...

SUSE SLED12 / SLES12 Security Update : spice (SUSE-SU-2016:1561-1)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: Guest escape using crafted primary surface parameters bsc982386. - CVE-2016-0749: Heap-based buffer overflow in smartcard interaction bsc982385. Note that Tenable Network Security has extracted the...

SUSE SLED12 / SLES12 Security Update : spice (SUSE-SU-2016:1559-1)

spice was updated to fix four security issues. These security issues were fixed : - CVE-2016-2150: Guest escape using crafted primary surface parameters bsc982386. - CVE-2016-0749: Heap-based buffer overflow in smartcard interaction bsc982385. - CVE-2015-5260: Insufficient validation of surfaceid...

GLSA-201606-05 : spice: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201606-05 spice: Multiple vulnerabilities Multiple vulnerabilities have been discovered in spice, please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code...

Scientific Linux Security Update : spice-server on SL6.x x86_64 (20160606)

Security Fixes : - A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash the QEMU-KVM process or execute...

DEBIAN-CVE-2016-0749

The smartcard interaction in SPICE allows remote attackers to cause a denial of service QEMU-KVM process crash or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow...

CVE-2016-0749

CVE-2016-0749 affects SPICE software (remote display system for VMs). The vulnerability stems from the smartcard interaction in SPICE, enabling a remote attacker to cause a heap-based buffer overflow by connecting to a guest VM, potentially crashing the QEMU-KVM host process or executing arbitrar...

CentOS 6 : spice-server (CESA-2016:1204)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CentOS 7 : spice (CESA-2016:1205)

An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CentOS Update for spice-server CESA-2016:1204 centos6

Check the version of spice-server SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882501";...