Vulnerability in Oracle VM VirtualBox Component of Oracle Virtualization
CVE-2017-10237

7.3HIGH

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

Oracle VM VirtualBox contains a vulnerability that, when exploited, allows an attacker with high privileges to access the environment where it operates. This vulnerability can enable unauthorized actions such as causing the software to hang or crash, leading to potential Denial of Service (DoS) situations. Additionally, attackers can gain unauthorized access to modify or delete data within Oracle VM VirtualBox. This exploitation can further impact additional systems that rely on Oracle VM VirtualBox for virtualization services.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99667
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.