Buffer overflow in Spice_project Spice

CVE-2013-4282

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.

Vulnerability class: Buffer Overflow

EPSS: 0.011 (78.6th percentile) — read the EPSS interpretation.

Affected products

Spice_project Spice — versions 0.12.0
Redhat Enterprise_linux — versions 5, 6.0
Redhat Enterprise_virtualization — versions 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

RHSA-2013:1473 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
SUSE-SU-2015:0884 (vendor-advisory, x_refsource_SUSE)
RHSA-2013:1474 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
DSA-2839 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
RHSA-2013:1460 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
USN-2027-1 (x_refsource_UBUNTU, vendor-advisory)
63408 (vdb-entry, x_refsource_BID)