Local Privilege Escalation Vulnerability in Oracle VM VirtualBox
CVE-2017-10209

5.2MEDIUM

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists in Oracle VM VirtualBox that could allow low privileged attackers to exploit the system where Oracle VM VirtualBox runs. This flaw enables unauthorized read access to sensitive data and may facilitate a partial denial of service. While the direct impact is on Oracle VM VirtualBox, the consequences can extend to additional products that interact with it, posing significant risks to overall system integrity.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securityfocus.com/bid/99709
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.