Summary
This host is installed with Oracle VM VirtualBox and is prone to multiple memory corruption vulnerabilities.
Impact
Successful exploitation will allow local users to conduct a denial of service or potentially execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Oracle VM VirtualBox version 4.3.8 or later, For updates refer to https://www.virtualbox.org
Insight
Multiple flaws are due to,
- An error within the 'crNetRecvReadback' function.
- Multiple errors within the 'crNetRecvReadback' and 'crNetRecvWriteback' functions.
- A boundary error within multiple generated 'crServerDispatchVertexAttrib*ARB' functions.
Affected
Oracle VM VirtualBox version 4.2.x through 4.2.20, 4.3.x before 4.3.8 on Mac OS X.
Detection
Get the installed version of Oracle VM VirtualBox and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-0981, CVE-2014-0983 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities