KLA11236
Multiple vulnerabilities in Oracle VM VirtualBox

Updated: 06/03/2020

Detect date ?	04/17/2018
Severity ?	Critical
Description	Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, read and write local files. Below is a complete list of vulnerabilities: Multiple unspecified vulnerabilities in the Core component can be exploited locally to gain privileges; An unspecified vulnerability in the Core component can be exploited remotely to cause denial of service, obtain sensitive information, read and write local files; An unspecified vulnerability in the Core component can be exploited remotely to obtain sensitive information.
Affected products	Oracle VM VirtualBox 5.1.x earlier than 5.1.36 Oracle VM VirtualBox 5.2.x earlier than 5.2.10
Solution	Update to the latest version Download VirtualBox
Original advisories	Oracle Critical Patch Update Advisory – April 2018
Impacts ?	OSI [?] WLF [?] PE [?] RLF [?]
Related products	Oracle VirtualBox
CVE-IDS ?	CVE-2018-28354.4Warning CVE-2018-28364.4Warning CVE-2018-28374.4Warning CVE-2018-07394.3Warning CVE-2018-28424.6Warning CVE-2018-28434.6Warning CVE-2018-28444.6Warning CVE-2018-28454.6Warning CVE-2018-28604.6Warning CVE-2018-28304.4Warning CVE-2018-28312.1Warning
	Find out the statistics of the vulnerabilities spreading in your region

KLA11236Multiple vulnerabilities in Oracle VM VirtualBox