CVE-2016-3066

moderate-risk

Published 2017-06-06

The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.

Do I need to act?

-

0.28% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

6

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (20)

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Spice-Gtk

Affected Vendors

Spice-Gtk Project

References (2)

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1320263

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1320263

49

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 1/34 · Minimal

Exposure 24/34 · High