Scientific Linux Security Update : spice on SL7.x x86_64
High Nessus Plugin ID 97037
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution.
- A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578)
SolutionUpdate the affected spice-debuginfo, spice-server and / or spice-server-devel packages.