Vulnerability in Oracle VM VirtualBox Affects Oracle Virtualization
CVE-2017-10238

7.3HIGH

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability present in Oracle VM VirtualBox allows an attacker with elevated privileges to compromise the system. This exploitable flaw can lead to a Denial of Service, causing the application to crash or hang. Attackers may gain unauthorized access to modify, delete, or insert data within Oracle VM VirtualBox, leading to significant operational disruptions and data exposure.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99668
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.