CVE-2017-7506
spice: Possible buffer overflow via invalid monitor configurations
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
Spice versiones hasta 0.13, son vulnerables al acceso a la memoria fuera de límites al procesar mensajes especialmente creados desde el atacante autenticado hasta el servidor de Spice, resultando en un bloqueo y/o pérdida de memoria del servidor.
A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash.
The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix: A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-04-05 CVE Reserved
- 2017-07-18 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2017/07/14/1 | Mailing List |
|
| http://www.securityfocus.com/bid/99583 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3907 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2471 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2018:3522 | 2023-02-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1452606 | 2018-11-07 | |
| https://access.redhat.com/security/cve/CVE-2017-7506 | 2018-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.5.2 Search vendor "Spice Project" for product "Spice" and version "0.5.2" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.5.3 Search vendor "Spice Project" for product "Spice" and version "0.5.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.6.0 Search vendor "Spice Project" for product "Spice" and version "0.6.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.6.1 Search vendor "Spice Project" for product "Spice" and version "0.6.1" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.6.2 Search vendor "Spice Project" for product "Spice" and version "0.6.2" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.6.3 Search vendor "Spice Project" for product "Spice" and version "0.6.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.6.4 Search vendor "Spice Project" for product "Spice" and version "0.6.4" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.7.0 Search vendor "Spice Project" for product "Spice" and version "0.7.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.7.1 Search vendor "Spice Project" for product "Spice" and version "0.7.1" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.7.2 Search vendor "Spice Project" for product "Spice" and version "0.7.2" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.7.3 Search vendor "Spice Project" for product "Spice" and version "0.7.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.8.0 Search vendor "Spice Project" for product "Spice" and version "0.8.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.8.1 Search vendor "Spice Project" for product "Spice" and version "0.8.1" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.8.2 Search vendor "Spice Project" for product "Spice" and version "0.8.2" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.8.3 Search vendor "Spice Project" for product "Spice" and version "0.8.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.9.0 Search vendor "Spice Project" for product "Spice" and version "0.9.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.9.1 Search vendor "Spice Project" for product "Spice" and version "0.9.1" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.10.0 Search vendor "Spice Project" for product "Spice" and version "0.10.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.10.1 Search vendor "Spice Project" for product "Spice" and version "0.10.1" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.11.0 Search vendor "Spice Project" for product "Spice" and version "0.11.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.11.3 Search vendor "Spice Project" for product "Spice" and version "0.11.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.0 Search vendor "Spice Project" for product "Spice" and version "0.12.0" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.2 Search vendor "Spice Project" for product "Spice" and version "0.12.2" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.3 Search vendor "Spice Project" for product "Spice" and version "0.12.3" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.4 Search vendor "Spice Project" for product "Spice" and version "0.12.4" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.5 Search vendor "Spice Project" for product "Spice" and version "0.12.5" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.6 Search vendor "Spice Project" for product "Spice" and version "0.12.6" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.7 Search vendor "Spice Project" for product "Spice" and version "0.12.7" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.12.8 Search vendor "Spice Project" for product "Spice" and version "0.12.8" | - |
Affected
| ||||||
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | 0.13.0 Search vendor "Spice Project" for product "Spice" and version "0.13.0" | - |
Affected
| ||||||