Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-4130

Опубликовано: 20 авг. 2013
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:spice_project:spice:*:*:*:*:*:*:*:*
Версия до 0.12.3 (включая)
cpe:2.3:a:spice_project:spice:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.11.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.11.3:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.12.0:*:*:*:*:*:*:*
cpe:2.3:a:spice_project:spice:0.12.2:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01102
Низкий

5 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

ubuntu логотип

CVE-2013-4130

ubuntu
около 12 лет назад

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.

redhat логотип

CVE-2013-4130

redhat
около 12 лет назад

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.

debian логотип

CVE-2013-4130

debian
около 12 лет назад

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty ...

github логотип

GHSA-3mmx-gfx4-6h3r

github
больше 3 лет назад

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.

oracle-oval логотип

ELSA-2013-1192

oracle-oval
почти 12 лет назад

ELSA-2013-1192: spice-server security update (MODERATE)

EPSS

Процентиль: 77%
0.01102
Низкий

5 Medium

CVSS2

Дефекты

CWE-399