CVE-2013-4130

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.

Published : 2013-08-20 22:55 Updated : 2014-01-24 04:35

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Spice Project Spice 0.9.1 cpe:/a:spice_project:spice:0.9.1
Spice Project Spice 0.8.2 cpe:/a:spice_project:spice:0.8.2
Spice Project Spice 0.6.4 cpe:/a:spice_project:spice:0.6.4
Spice Project Spice 0.7.3 cpe:/a:spice_project:spice:0.7.3
Spice Project Spice 0.8.3 cpe:/a:spice_project:spice:0.8.3
Spice Project Spice 0.8.0 cpe:/a:spice_project:spice:0.8.0
Spice Project Spice 0.6.2 cpe:/a:spice_project:spice:0.6.2
Spice Project Spice 0.7.1 cpe:/a:spice_project:spice:0.7.1
Spice Project Spice 0.5.3 cpe:/a:spice_project:spice:0.5.3
Spice Project Spice 0.10.0 cpe:/a:spice_project:spice:0.10.0
Spice Project Spice 0.9.0 cpe:/a:spice_project:spice:0.9.0
Spice Project Spice 0.8.1 cpe:/a:spice_project:spice:0.8.1
Spice Project Spice 0.6.3 cpe:/a:spice_project:spice:0.6.3
Spice Project Spice 0.7.2 cpe:/a:spice_project:spice:0.7.2
Spice Project Spice 0.6.0 cpe:/a:spice_project:spice:0.6.0
Spice Project Spice 0.7.0 cpe:/a:spice_project:spice:0.7.0
Spice Project Spice 0.6.1 cpe:/a:spice_project:spice:0.6.1
Spice Project Spice 0.5.2 cpe:/a:spice_project:spice:0.5.2
Spice Project Spice 0.12.2 cpe:/a:spice_project:spice:0.12.2
Spice Project Spice 0.11.3 cpe:/a:spice_project:spice:0.11.3
Spice Project Spice 0.11.0 cpe:/a:spice_project:spice:0.11.0
Spice Project Spice 0.10.1 cpe:/a:spice_project:spice:0.10.1
Spice Project Spice 0.12.3 cpe:/a:spice_project:spice:0.12.3
Spice Project Spice 0.12.0 cpe:/a:spice_project:spice:0.12.0
Canonical Ubuntu Linux 13.04 cpe:/o:canonical:ubuntu_linux:13.04
  1. Spice Project (1) Search CVE
    1. Spice (24) Search CVE
      1. 0.9.1
      2. 0.8.2
      3. 0.6.4
      4. 0.7.3
      5. 0.8.3
      6. 0.8.0
      7. 0.6.2
      8. 0.7.1
      9. 0.5.3
      10. 0.10.0
      11. 0.9.0
      12. 0.8.1
      13. 0.6.3
      14. 0.7.2
      15. 0.6.0
      16. 0.7.0
      17. 0.6.1
      18. 0.5.2
      19. 0.12.2
      20. 0.11.3
      21. 0.11.0
      22. 0.10.1
      23. 0.12.3
      24. 0.12.0
  2. Canonical (1) Search CVE
    1. Ubuntu Linux (1) Search CVE
      1. 13.04

CWE

ID Name Description Links
CWE-399 Resource Management Errors Weaknesses in this category are related to improper management of system resources. CVE

History of changes

Date Event
2013-08-20 22:55

New CVE