CVE-2019-3813 vulnerability in Spiceproject and Other Products
Published on February 4, 2019

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-3813

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3813 are published in these products:

Spiceproject Spice

Canonical Ubuntu Linux

Debian Linux

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Eus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Workstation

Red Hat Virtualization

Affected Versions

Red Hat, Inc. Spice Version versions 0.5.2 through 0.14.1 is affected by CVE-2019-3813

Exploit Probability

EPSS

0.24%

Percentile

47.13%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-3813 vulnerability in Spiceproject and Other ProductsPublished on February 4, 2019

Products Associated with CVE-2019-3813

Affected Versions

Exploit Probability

CVE-2019-3813 vulnerability in Spiceproject and Other Products
Published on February 4, 2019