CVE-2017-12194 -- spice-gtkID: oval:org.secpod.oval:def:2000363 | Date: (C)2019-06-02 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
Platform: |
Debian 8.x |
Debian 9.x |
Product: |
libspice-client-glib-2.0-dev |