Vulnerabilities > Spice Project > Spice > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-06-09 CVE-2016-0749 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
network
low complexity
opensuse debian redhat spice-project CWE-119
critical
9.8