CVE-2016-9578
published 2018-07-27CVE-2016-9578: A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | spice | < spice 0.12.8-2.1 (bookworm) | spice 0.12.8-2.1 (bookworm) |
| red_hat | spice | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| spice_project | spice | < 0.13.90 | 0.13.90 |
| spice_project | spice | >= 0 < 0.12.8-2.1 | 0.12.8-2.1 |
| spice_project | spice | >= 0 < 0.12.8-2.1 | 0.12.8-2.1 |
| spice_project | spice | >= 0 < 0.12.8-2.1 | 0.12.8-2.1 |
| spice_project | spice | >= 0 < 0.12.8-2.1 | 0.12.8-2.1 |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH