November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – VMware ESXi / Workstation Player Multiple Vulnerabilities
March 30, 2019Informative Update: Gulf Bank – Service Disruption
March 30, 2019Rewterz Threat Advisory – VMware ESXi / Workstation Player Multiple Vulnerabilities
March 30, 2019Informative Update: Gulf Bank – Service Disruption
March 30, 2019
Analysis Summary
CVE-2019-3813
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
Impact
- Denial of Service
- Security Bypass
Affected Vendors
Amazon
Affected Products
Amazon Linux 2
Remediation
Apply updated packages via the yum package manager.