47 matches found
MiracleLinux 4 : spice-server-0.12.4-16.AXS4.3 (AXSA:2019-3705:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3705:01 advisory. spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3813 Tenable has extracted the preceding description block directly from the...
SUSE CVE-2019-3813
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers...
Mageia: Security Advisory (MGASA-2019-0100)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:13943-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2019-0232)
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
GLSA-202007-30 : spice: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202007-30 spice: Arbitrary code execution A flaw in spices memory handling code has been discovered, allowing an out of bounds read. Impact : A remote attacker may be able to send malicious packets causing remote code execution...
Huawei EulerOS: Security Advisory for spice (EulerOS-SA-2019-1075)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for spice (EulerOS-SA-2019-1127)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 4.05 : spice-server Vulnerability (NS-SA-2019-0149)
The remote NewStart CGSL host, running version MAIN 4.05, has spice-server packages installed that are affected by a vulnerability: - Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, o...
NewStart CGSL MAIN 4.06 : spice-server Vulnerability (NS-SA-2019-0092)
The remote NewStart CGSL host, running version MAIN 4.06, has spice-server packages installed that are affected by a vulnerability: - Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, o...
Security fix for the ALT Linux 9 package SPICE version 0.14.2-alt1
0.14.2-alt1 built June 4, 2019 Alexey Shabalin in task 231442 --- May 31, 2019 Alexey Shabalin - 0.14.2 fixes: CVE-2019-3813 - build with gstreamer support...
SUSE-SU-2019:0231-2 Security update for spice
This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed a out-of-bounds read in the memslotgetvirt function that could lead to denial-of-service or code-execution bsc1122706...
EulerOS 2.0 SP3 : spice (EulerOS-SA-2019-1105)
According to the version of the spice package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3813 Note that Tenable Network Security has extracted the preceding...
RHEL 7 : redhat-virtualization-host (RHSA-2019:0457)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0457 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
EulerOS 2.0 SP5 : spice (EulerOS-SA-2019-1075)
According to the version of the spice package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3813 Note that Tenable Network Security has extracted the preceding...
Important: Red Hat Security Advisory: redhat-virtualization-host security update
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Fedora 28 : spice (2019-afade40f3d)
Fixes CVE-2019-3813 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, In...
Updated spice packages fix security vulnerability
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. CVE-2019-3813 A vulnerability was discovered in SPICE before versio...
openSUSE: Security Advisory for spice (openSUSE-SU-2019:0176-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...