cpe:/a:spice_project:spice:0.12.4 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7.0 cpe:/o:redhat:enterprise_linux_desktop:6.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_hpc_node:6 cpe:/o:redhat:enterprise_linux_hpc_node:7.0 cpe:/o:redhat:enterprise_linux_server:6.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_workstation:6.0 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2015-3247 2015-09-08T11:59:02.720-04:00 2017-09-15T21:29:02.263-04:00 6.9 LOCAL MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2016-06-09T14:42:52.647-04:00 SECTRACK 1033459 SECTRACK 1033460 SECTRACK 1033753 DEBIAN DSA-3354 REDHAT RHSA-2015:1713 REDHAT RHSA-2015:1714 REDHAT RHSA-2015:1715 UBUNTU USN-2736-1 MLIST [Spice-devel] 20151006 Announcing spice 0.12.6 SUSE openSUSE-SU-2015:1566 Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.