Все бюллетени/sisyphus/ALT-PU-2017-2174-1
ALT-PU-2017-2174-1

Обновление пакета SPICE в ветке sisyphus

Версия0.13.90-alt1
Задание#187863
Опубликовано2017-09-08
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (2)

CVE-2016-9577
HIGH8.8

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

Опубликовано: 2018-07-27Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.5
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2016-9578
HIGH7.5

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

Опубликовано: 2018-07-27Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки