Summary
This host is installed with Oracle VM VirtualBox and is prone to unspecified vulnerability.
Impact
Successful exploitation will allow local users to disclose sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
Impact Level: System/Application
Solution
Upgrade to Oracle VM VirtualBox version 4.1.32, 4.2.24, 4.3.10 or later, For updates refer to https://www.virtualbox.org
Insight
The flaw is due to an error within the Graphics driver(WDDM) for Windows guests component and can be exploited by disclose, update, insert, or delete certain data and to cause a crash.
Affected
Oracle Virtualization VirtualBox 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.10 on Windows
Detection
Get the installed version of Oracle VM VirtualBox and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2441 -
CVSS Base Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
- Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
- Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
- Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability