| Revision Date: | 2018-03-14 | Version: | 1 | | Title: | CVE-2017-12194 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2017-12194
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT libspice-server1 package in xenial, while related to the CVE in some way, is not affected.
OR NOT gir1.2-spice-client-glib-2.0 package in xenial, while related to the CVE in some way, is not affected.
OR NOT gir1.2-spice-client-gtk-2.0 package in xenial, while related to the CVE in some way, is not affected.
OR NOT gir1.2-spice-client-gtk-3.0 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libspice-client-glib-2.0-8 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libspice-client-gtk-2.0-4 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libspice-client-gtk-3.0-4 package in xenial, while related to the CVE in some way, is not affected.
OR NOT python-spice-client-gtk package in xenial, while related to the CVE in some way, is not affected.
OR NOT spice-client-glib-usb-acl-helper package in xenial, while related to the CVE in some way, is not affected.
OR NOT spice-client-gtk package in xenial, while related to the CVE in some way, is not affected.
|
|