CVE-2018-10893

Summary

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
Red Hatspice-clientn/aaffected

Weaknesses

  • CWE-122: CWE-122
  • CWE-190: CWE-190

ADP Enrichment

CVE Program Container

Additional References

References