Skip to main content

Spice CVE-2017-7506

HIGH
Buffer Overflow (CWE-119)
2017-07-18 secalert@redhat.com
8.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jul 18, 2017 - 15:29 cve.org
HIGH 8.8

DescriptionCVE.org

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.

AnalysisAI

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. Affected products include: Spice Project Spice.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

More in Spice

View all
CVE-2016-0749 CRITICAL
9.8 Jun 09

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or poss

CVE-2013-4282 MEDIUM POC
5.0 Nov 02

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers

CVE-2021-20201 MEDIUM POC
5.3 May 28

A flaw was found in spice in versions before 0.14.92. Rated medium severity (CVSS 5.3), this vulnerability is remotely e

CVE-2018-10893 HIGH
8.8 Sep 11

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames.

CVE-2018-10873 HIGH
8.8 Aug 17

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages l

CVE-2015-5260 HIGH
7.8 Jun 07

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory

CVE-2019-3813 HIGH
7.5 Feb 04

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_

CVE-2015-5261 HIGH
7.1 Jun 07

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations

CVE-2016-2150 HIGH
7.1 Jun 09

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface p

CVE-2015-3247 MEDIUM
6.9 Sep 08

Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to

CVE-2020-14355 MEDIUM
6.6 Oct 07

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display syste

CVE-2013-4130 MEDIUM
5.0 Aug 20

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE be

Share

CVE-2017-7506 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy