Vulnerability in Oracle VM VirtualBox by Oracle
CVE-2017-10233

7.3HIGH

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists in Oracle VM VirtualBox allowing low privileged attackers with access to the execution environment to exploit the software. This may lead to unauthorized disruption, causing hang or excessive crashing incidents, impacting the stability and availability of the service. Furthermore, the vulnerability permits attackers to gain unwanted access to certain data within Oracle VM VirtualBox, allowing updates, insertions, or deletions without authorization.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99642
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.