CVE-2016-3066Sensitive Information Exposure in Project Spice-gtk

CWE-200Sensitive Information Exposure8 documents6 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 48.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Spice-gtk Project Spice-gtkDebian Spice-gtk
Timeline
PublishedJun 6
Latest updateMay 14

Description

The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDspice-gtk_project/spice-gtk37 versions+36

🔴Vulnerability Details

2
GHSA
GHSA-v6jf-mqxh-2r3v: The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard2022-05-14
OSV
CVE-2016-3066: The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard2017-06-06

📋Vendor Advisories

2
Red Hat
spice-gtk: hijacks clipboard and sends contents to remote servers2016-03-22
Debian
CVE-2016-3066: spice-gtk - The spice-gtk widget allows remote authenticated users to obtain information fro...2016

💬Community

3
Bugzilla
CVE-2016-3066 spice-gtk: hijacks clipboard and sends contents to remote servers [fedora-all]2016-03-22
Bugzilla
CVE-2016-3066 mingw-spice-gtk: spice-gtk: hijacks clipboard and sends contents to remote servers [fedora-all]2016-03-22
Bugzilla
CVE-2016-3066 spice-gtk: hijacks clipboard and sends contents to remote servers2016-03-22