vulnerability

Oracle Linux: CVE-2016-9577: ELSA-2017-0253: spice-server security update (MODERATE) (Multiple Advisories)

Severity
7
CVSS
(AV:N/AC:H/Au:S/C:C/I:C/A:C)
Published
Feb 6, 2017
Added
Feb 6, 2017
Modified
Jan 7, 2025

Description

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

Solution(s)

oracle-linux-upgrade-spice-serveroracle-linux-upgrade-spice-server-devel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.