View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-9578 not yet assigned priority: Debian including 1 source packages (spice), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.