vulnerability
Oracle Linux: CVE-2016-9577: ELSA-2017-0253: spice-server security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:H/Au:S/C:C/I:C/A:C) | Feb 6, 2017 | Feb 6, 2017 | Jan 7, 2025 |
Severity
7
CVSS
(AV:N/AC:H/Au:S/C:C/I:C/A:C)
Published
Feb 6, 2017
Added
Feb 6, 2017
Modified
Jan 7, 2025
Description
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
Solution(s)
oracle-linux-upgrade-spice-serveroracle-linux-upgrade-spice-server-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.