KLA11236
Multiple vulnerabilities in Oracle VM VirtualBox
Updated: 10/12/2018
CVSS
?
4.6
Detect date
?
04/17/2018
Severity
?
Warning
Description

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, read and write local files.

Below is a complete list of vulnerabilities:

  1. Multiple unspecified vulnerabilities in the Core component can be exploited locally to gain privileges;
  2. An unspecified vulnerability in the Core component can be exploited remotely to cause denial of service, obtain sensitive information, read and write local files;
  3. An unspecified vulnerability in the Core component can be exploited remotely to obtain sensitive information.
Affected products

Oracle VM VirtualBox 5.1.x earlier than 5.1.36
Oracle VM VirtualBox 5.2.x earlier than 5.2.10

Solution

Update to the latest version
Download VirtualBox

Original advisories

Oracle Critical Patch Update Advisory – April 2018

Impacts
?
OSI 
[?]

WLF 
[?]

PE 
[?]

RLF 
[?]
Related products
Oracle VirtualBox
CVE-IDS
?

CVE-2018-2835
CVE-2018-2836
CVE-2018-2837
CVE-2018-0739
CVE-2018-2842
CVE-2018-2843
CVE-2018-2844
CVE-2018-2845
CVE-2018-2860
CVE-2018-2830
CVE-2018-2831