Off-by-one Error

CVE-2019-3813

High

7.5/10

Summary

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

Attack Complexity: HIGH
Attack Vector: ADJACENT_NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-193 - Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

References

Advisory Timeline

Published Feb 04, 2019

Off-by-one Error

CVE-2019-3813

Summary

CWE-193 - Off-by-one Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS