13 matches found
EUVD-2010-2796
Malware in sbrugna...
RHSA-2010:0632 Red Hat Security Advisory: qspice-client security update
Bulletin has no description...
RHEL 5 : qspice-client (RHSA-2010:0632)
An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Scientific Linux Security Update : spice-xpi on SL5.x i386/x86_64
The spice-xpi package provides a plug-in that allows the SPICE client to run from within Mozilla Firefox. A race condition was found in the way the SPICE Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into...
Scientific Linux Security Update : qspice-client on SL5.x i386/x86_64
The qspice-client package provides the client side of the SPICE protocol. A race condition was found in the way the SPICE Mozilla Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an...
CVE-2010-2792
CVE-2010-2792 is a race-condition vulnerability in the SPICE Firefox plug‑in (spice-xpi) and its qspice-client interaction. The plug‑in and client communicate over a UNIX socket; an attacker locally could abuse this to access authentication details and perform a man‑in‑the‑middle attack on the SP...
CVE-2010-2792
Race condition in the SPICE aka spice-xpi plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client aka qspice-client in qspice 0.3.0, and then accessing this...
CentOS 5 : qspice-client (CESA-2010:0632)
An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
CentOS 5 : spice-xpi (CESA-2010:0651)
An updated spice-xpi package that fixes two security issues and three bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
qspice security update
CentOS Errata and Security Advisory CESA-2010:0632 An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVS...
spice-xpi/qspice-client unix socket race
Race condition in the SPICE aka spice-xpi plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client aka qspice-client in qspice 0.3.0, and then accessing this...
Moderate: Red Hat Security Advisory: qspice-client security update
An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
spice-xpi/qspice-client unix socket race
Race condition in the SPICE aka spice-xpi plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client aka qspice-client in qspice 0.3.0, and then accessing this...