CVE-2020-14355 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. More specifically, these flaws reside in the spice-common shared code between the client and server of SPICE. In other words, both the client (spice-gtk) and server are affected by these flaws. A malicious client or server could send specially crafted messages which could result in a process crash or potential code execution scenario. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1239 | spice | 0.14.3-3 | Critical | Vulnerable | FS#68166 |