Multiple integer overflow and buffer overflow issues were discovered in spice-client"s handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.