spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264
Products Affected
| Vendor | Product | Version |
|---|---|---|
| spice-gtk_project | spice-gtk | 0.14 |
| redhat | enterprise_linux | 6.0 |
The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200
Products Affected
| Vendor | Product | Version |
|---|---|---|
| spice-gtk_project | spice-gtk | 0.24 |
| spice-gtk_project | spice-gtk | 0.22 |
| spice-gtk_project | spice-gtk | 0.15.3 |
| spice-gtk_project | spice-gtk | 0.16 |
| spice-gtk_project | spice-gtk | 0.5 |
| spice-gtk_project | spice-gtk | 0.28 |
| spice-gtk_project | spice-gtk | 0.27 |
| spice-gtk_project | spice-gtk | 0.32 |
| spice-gtk_project | spice-gtk | 0.33 |
| spice-gtk_project | spice-gtk | 0.29 |
| spice-gtk_project | spice-gtk | 0.25 |
| spice-gtk_project | spice-gtk | 0.26 |
| spice-gtk_project | spice-gtk | 0.7 |
| spice-gtk_project | spice-gtk | 0.31 |
| spice-gtk_project | spice-gtk | 0.1.0 |
| spice-gtk_project | spice-gtk | 0.12.101 |
| spice-gtk_project | spice-gtk | 0.14 |
| spice-gtk_project | spice-gtk | 0.23 |
| spice-gtk_project | spice-gtk | 0.3 |
| spice-gtk_project | spice-gtk | 0.8 |
| spice-gtk_project | spice-gtk | 0.12 |
| spice-gtk_project | spice-gtk | 0.18 |
| spice-gtk_project | spice-gtk | 0.6 |
| spice-gtk_project | spice-gtk | 0.2 |
| spice-gtk_project | spice-gtk | 0.13.29 |
| spice-gtk_project | spice-gtk | 0.15 |
| spice-gtk_project | spice-gtk | 0.9 |
| spice-gtk_project | spice-gtk | 0.21 |
| spice-gtk_project | spice-gtk | 0.20 |
| spice-gtk_project | spice-gtk | 0.4 |
| spice-gtk_project | spice-gtk | 0.13 |
| spice-gtk_project | spice-gtk | 0.30 |
| spice-gtk_project | spice-gtk | 0.10 |
| spice-gtk_project | spice-gtk | 0.11 |
| spice-gtk_project | spice-gtk | 0.13.17 |
| spice-gtk_project | spice-gtk | 0.19 |
| spice-gtk_project | spice-gtk | 0.17 |
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker in control of a malicious spice-server could use this flaw to crash the client or execute arbitrary code with the permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-121, CWE-20
Products Affected
| Vendor | Product | Version |
|---|---|---|
| spice-gtk_project | spice-gtk | * |