VDB
MAGEIA-2017-62
MAGEIA-2017-62
PUBLISHED
An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | mgaonline | 3.24.1-1.mga6, 0 |
| Mageia | drakx-net | 0, 2.32.1-1.mga6 |
| Mageia | spice | 0, 0.12.5-2.4.mga5, 0 |
Timeline
- Feb 23, 2017 CVE Updated
- Feb 23, 2017 CVE Published
References
- Updated spice packages fix security vulnerability advisory
- Updated spice packages fix security vulnerability issue
- Updated spice packages fix security vulnerability issue
- Updated drakx-net and mgaonline packages fix context menu on Plasma advisory
- Updated drakx-net and mgaonline packages fix context menu on Plasma issue