Home

CVE-2016-9578

Description

A vulnerability was discovered in SPICE before 0.13.90 in the servers protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
3.335

Associated Vulnerability

VulnerabilityOS Platform
SPICE protocol client and server library (USN-3014-1) libspice-server1_0.12.6-4ubuntu0.2_i386.debLinux
SPICE protocol client and server library (USN-3014-1) libspice-server1_0.12.6-4ubuntu0.2_amd64.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.6-4ubuntu0.2_i386.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.6-4ubuntu0.2_amd64.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.8-1ubuntu0.1_i386.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.8-1ubuntu0.1_amd64.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.4-0nocelt2ubuntu1.4_i386.debLinux
SPICE protocol client and server library (USN-3202-1) libspice-server1_0.12.4-0nocelt2ubuntu1.4_amd64.debLinux
(RHSA-2017:0253) Moderate: spice-server security update spice-server-0.12.4-13.el6_8.2.x86_64.rpmLinux
(RHSA-2017:0253) Moderate: spice-server security update spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpmLinux
SUSE-SU-2017:0400-1(SUSE Linux Enterprise Desktop 12-SP1 ) libspice-server1-0.12.5-7.1.x86_64.rpmLinux
SUSE-SU-2017:0400-1(SUSE Linux Enterprise Desktop 12-SP1 ) libspice-server1-debuginfo-0.12.5-7.1.x86_64.rpmLinux
SUSE-SU-2017:0400-1(SUSE Linux Enterprise Desktop 12-SP1 ) spice-debugsource-0.12.5-7.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234