CVE-2015-5261
HIGH7.1EPSS 0.09%發布日:2016/6/7修改日:2026/4/28
描述
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
受影響套件(1)
- Debian/spicefrom 0, < 0.12.5-1.3
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |