Spice Project: >> Spice >> 0.12.0 Security Vulnerabilities
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.
CVSS Score
5.0
EPSS Score
0.011
Published
2013-08-20
Page 2