CVSS: 10.0EPSS: 15%CPEs: 1EXPL: 0CVE-2017-12194 – Gentoo Linux Security Advisory 201811-20
https://notcve.org/view.php?id=CVE-2017-12194
14 Mar 2018 — A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable. >Se ha encontrado un error en la forma en la que spice-client procesaba ciertos mensajes enviados desde el servidor. Un atacante con control del spice-server malicioso podría emplear este e... • http://www.securityfocus.com/bid/103413 • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 37EXPL: 0CVE-2016-3066
https://notcve.org/view.php?id=CVE-2016-3066
06 Jun 2017 — The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard. El widget spice-gtk permite a los usuarios autorizados obtener de forma remota información del portapapeles del host. • https://bugzilla.redhat.com/show_bug.cgi?id=1320263 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2014-0979
https://notcve.org/view.php?id=CVE-2014-0979
23 Jan 2014 — The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username. La función start_authentication en lightdm-gtk-greeter.c de LightDM GTK+ Greeter anterior a la versión 1.7.1 no maneja adecuadamente el valor desde la función lightdm_greeter_get_authentication_user, lo que perm... • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128117.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4324 – spice-gtk: Insecure calling of polkit via polkit_unix_process_new()
https://notcve.org/view.php?id=CVE-2013-4324
20 Sep 2013 — spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. spice-gtk 0.14, y posiblemente otras versiones, invoca la autoridad polkit utilizando la función insegura polkit_unix_process_new API, que permite a usuarios locales eludir... • http://lists.opensuse.org/opensuse-updates/2013-10/msg00031.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2012-4425 – libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-4425
18 Sep 2012 — libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself. libgio, cuando se utiliza setuid u otros programas con privilegios en spice-gtk y posiblemente otros productos, permite a usuarios locales obtener privileg... • https://www.exploit-db.com/exploits/21323 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2005-3186
https://notcve.org/view.php?id=CVE-2005-3186
18 Nov 2005 — Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt •