[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)

ID: oval:org.secpod.oval:def:1801298Date: (C)2019-02-19   (M)2022-08-08
Class: PATCHFamily: unix




spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial-of-service, or, in the worst case, code-execution by unauthenticated attackers. Fixed In Version:¶ spice 0.14.2

Platform:
Alpine Linux 3.6
Product:
spice
Reference:
9943
CVE-2019-3813
CVE    1
CVE-2019-3813
CPE    2
cpe:/o:alpinelinux:alpine_linux:3.6
cpe:/a:redhat:spice

© SecPod Technologies