CVE-2015-5261
- EPSS 0.09%
- Veröffentlicht 07.06.2016 14:06:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
CVE-2015-5260
- EPSS 0.29%
- Veröffentlicht 07.06.2016 14:06:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter...
CVE-2015-3247
- EPSS 0.77%
- Veröffentlicht 08.09.2015 15:59:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via un...
- EPSS 1.51%
- Veröffentlicht 02.11.2013 19:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
- EPSS 1.1%
- Veröffentlicht 20.08.2013 22:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable asserti...