CVE-2013-4282

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.

Published : 2013-11-02 19:55 Updated : 2019-04-22 17:48

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Redhat Enterprise Linux 6.0 cpe:/o:redhat:enterprise_linux:6.0
Redhat Enterprise Linux 5 cpe:/o:redhat:enterprise_linux:5
Spice Project Spice 0.12.0 cpe:/a:spice_project:spice:0.12.0
Redhat Enterprise Virtualization 3.0 cpe:/a:redhat:enterprise_virtualization:3.0
  1. Spice Project (1) Search CVE
    1. Spice (1) Search CVE
      1. 0.12.0
  2. Redhat (2) Search CVE
    1. Enterprise Linux (2) Search CVE
      1. 6.0
      2. 5
    2. Enterprise Virtualization (1) Search CVE
      1. 3.0

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-04-22 17:48
2013-11-02 19:55

New CVE