5 matches found
MiracleLinux 4 : spice-server-0.12.0-12.AXS4.3 (AXSA:2013-596:04)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-596:04 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computin...
UBUNTU-CVE-2021-20201
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service CPU consumption by performing many renegotiations within a single connection...
DEBIAN-CVE-2020-14355
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...
CVE-2017-7506
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak...
spice: stack buffer overflow in reds_handle_ticket() function
Stack-based buffer overflow in the redshandleticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service crash via a long password in a SPICE ticket...