Download
| Alert*
oval:org.secpod.oval:def:70133
spice: SPICE protocol client and server library - spice-protocol: SPICE protocol headers Spice could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:204876 The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine arch ... oval:org.secpod.oval:def:204881 The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine arch ... oval:org.secpod.oval:def:204880 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:204883 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:89002198 This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks oval:org.secpod.oval:def:603546 Frediano Ziglio reported a missing check in the script to generate demarshalling code in the SPICE protocol client and server library. The generated demarshalling code is prone to multiple buffer overflows. An authenticated attacker can take advantage of this flaw to cause a denial of service , or p ... oval:org.secpod.oval:def:89002053 This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks oval:org.secpod.oval:def:89000455 This update for spice fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks oval:org.secpod.oval:def:89002417 This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks oval:org.secpod.oval:def:53440 Frediano Ziglio reported a missing check in the script to generate demarshalling code in the SPICE protocol client and server library. The generated demarshalling code is prone to multiple buffer overflows. An authenticated attacker can take advantage of this flaw to cause a denial of service , or p ... oval:org.secpod.oval:def:502359 The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine arch ... oval:org.secpod.oval:def:502358 The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ... oval:org.secpod.oval:def:68045 spice: SPICE protocol client and server library - spice-protocol: SPICE protocol headers Spice could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:2000020 A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, ... oval:org.secpod.oval:def:89002967 This update for spice-gtk fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks oval:org.secpod.oval:def:1502314 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89049673 This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks oval:org.secpod.oval:def:89049771 This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks Other bugs fixed: - Add setuid bit to spice-client-glib-usb-acl-helper oval:org.secpod.oval:def:1502315 The advisory is missing the security advisory description. For more information please visit the reference link |