Heap-based Buffer Overflow in SPICE: Arbitrary Memory Access via Guest QXL Commands

Heap-based Buffer Overflow in SPICE: Arbitrary Memory Access via Guest QXL Commands

CVE-2015-5261 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:P/A:N

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

Learn more about our Attack Surface Assessment.