Summary
This host is installed with Oracle VM VirtualBox and is prone to unspecified vulnerability.
Impact
Successful exploitation will allow local users to disclose sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
Impact Level: System/Application
Solution
Upgrade to Oracle VM VirtualBox version 4.1.32, 4.2.24, 4.3.10 or later, For updates refer to https://www.virtualbox.org
Insight
The flaw is due to an error within the Graphics driver(WDDM) for Windows guests component and can be exploited by disclose, update, insert, or delete certain data and to cause a crash.
Affected
Oracle Virtualization VirtualBox 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.10 on Windows
Detection
Get the installed version of Oracle VM VirtualBox and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2441 -
CVSS Base Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities - 02 Mar14
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
- Apache Error Log Escape Sequence Injection
- Apache Traffic Server Remote DNS Cache Poisoning Vulnerability