Download
| Alert*
oval:org.secpod.oval:def:89045270
Spice was updated to fix three security issues. The following vulnerabilities were fixed: * CVE-2015-3247: heap corruption in the spice server * CVE-2015-5261: Guest could have accessed host memory using crafted images * CVE-2015-5260: Insufficient validation of surface_id parameter could have cau ... oval:org.secpod.oval:def:26786 Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors. oval:org.secpod.oval:def:702743 spice: SPICE protocol client and server library Spice could be made to crash or run programs. oval:org.secpod.oval:def:203713 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:109633 Header files describing the spice protocol and the para-virtual graphics card QXL. oval:org.secpod.oval:def:109645 Header files describing the spice protocol and the para-virtual graphics card QXL. oval:org.secpod.oval:def:109639 Client libraries for SPICE desktop servers. oval:org.secpod.oval:def:602224 Frediano Ziglio of Red Hat discovered a race condition flaw in spice"s worker_update_monitors_config function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service or, potentially execute arbitrary code on the host with ... oval:org.secpod.oval:def:52571 spice: SPICE protocol client and server library Spice could be made to crash or run programs. oval:org.secpod.oval:def:501650 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:1501155 Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors. oval:org.secpod.oval:def:203715 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:501647 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:109651 The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows you to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architect ... oval:org.secpod.oval:def:109641 Client libraries for SPICE desktop servers. |