Summary
This host is installed with Oracle VM VirtualBox and is prone to multiple unspecified vulnerabilities.
Impact
Successful exploitation will allow local users to affect confidentiality, integrity, and availability via unknown vectors.
Impact Level: Application
Solution
Apply the patch from below link,
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Insight
Multiple flaws exists due to unspecified errors related to the 'core' subcomponent.
Affected
Oracle VM VirtualBox before versions 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12
Detection
Get the installed version of Oracle VM VirtualBox and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2477, CVE-2014-2486, CVE-2014-2488, CVE-2014-2489 -
CVSS Base Score: 4.1
AV:L/AC:M/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- Apache /server-info accessible
- Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability