mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
261 lines
9.1 KiB
JSON
261 lines
9.1 KiB
JSON
{
|
|
"id": "CVE-2013-4130",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2013-08-20T22:55:04.227",
|
|
"lastModified": "2024-11-21T01:54:56.530",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Las funciones (1) red_channel_pipes_add_type y (2) red_channel_pipes_add_empty_msg ein server/red_channel.c en SPICE before 0.12.4, no realizan bucles en anillo adecuadamente, lo que podr\u00eda permitir a atacantes remotos realizar una denegaci\u00f3n de servicio (aserci\u00f3n alcanzable y salida del servidor) mediante un mensaje de error de red."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"baseScore": 5.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-399"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.12.3",
|
|
"matchCriteriaId": "03A0164C-82BD-4ECC-A737-0395391ED56F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D43478E1-FAC9-4331-890A-3A0657B297CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.5.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EF919EB-A288-4B04-B16D-5CBF02D3DA50"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4B6CA6B-2EA2-49B2-A1CB-1A2E6BCD5310"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3799D9A4-36DD-46C7-920F-CBBACFBD1A3F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D98B8AD9-2199-491B-971D-51C8E8C8620F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.6.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "334E8934-ACD6-4EA8-8603-1A74754E686E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DC523EFE-42BB-401F-B56F-CD3111521926"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8D99BC7E-E0AE-47DB-AB4E-E2E8B819F11E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A94048EB-8898-48D2-94F5-5EB4EBACF1EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5FDB2652-0358-4624-AA5A-85E6AF78602D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5DDBC28-2B52-4ED3-A547-220308730442"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "415261CB-7BC6-43A3-8655-4A9B5762D40D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F9EC9E53-64A4-4ACD-96A2-914E99FD18CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2AF8BAE-BA8D-4B88-ABF7-BFF3FF1C35FE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.8.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B572F78E-3D9E-447C-AC2A-790833FE9572"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "40C5F192-9B57-406B-A026-986C5FA23E7D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.9.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80AC3C68-6EF4-45BA-AE83-63BF7E2C5FDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A5FAD2D-A31D-47F5-A0CA-F956566AF64E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.10.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D3A7A337-017E-442C-8243-ACCEC60386DC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.11.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1FEDFB76-03BA-4C85-8941-60ED24248C19"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.11.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "534D1105-4AC0-4DD4-93BA-CD7B6DF09F26"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.12.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "937428E5-EE31-4BBF-9774-EFB9866B58D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:spice_project:spice:0.12.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7AE28BE9-1851-4BCA-A1B8-8F291C744703"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=53488f0275d6c8a121af49f7ac817d09ce68090d",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1260.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/oss-sec/2013/q3/115",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2014/dsa-2839",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-1926-1",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=984769",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=53488f0275d6c8a121af49f7ac817d09ce68090d",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1260.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/oss-sec/2013/q3/115",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2014/dsa-2839",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-1926-1",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=984769",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |