Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11236
Multiple vulnerabilities in Oracle VM VirtualBox
Updated: 06/26/2019
Detect date
?
 04/17/2018
Severity
?
 Critical
Description

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, read and write local files.

Below is a complete list of vulnerabilities:

  1. Multiple unspecified vulnerabilities in the Core component can be exploited locally to gain privileges;
  2. An unspecified vulnerability in the Core component can be exploited remotely to cause denial of service, obtain sensitive information, read and write local files;
  3. An unspecified vulnerability in the Core component can be exploited remotely to obtain sensitive information.
Affected products

Oracle VM VirtualBox 5.1.x earlier than 5.1.36
Oracle VM VirtualBox 5.2.x earlier than 5.2.10
Solution

Update to the latest version
Download VirtualBox
Original advisories

Oracle Critical Patch Update Advisory – April 2018
Impacts
?
OSI 
[?]

WLF 
[?]

PE 
[?]

RLF 
[?]
CVE-IDS
?
CVE-2018-28354.4Warning
CVE-2018-28364.4Warning
CVE-2018-28374.4Warning
CVE-2018-07394.3Warning
CVE-2018-28424.6Warning
CVE-2018-28434.6Warning
CVE-2018-28444.6Warning
CVE-2018-28454.6Warning
CVE-2018-28604.6Warning
CVE-2018-28304.4Warning
CVE-2018-28312.1Warning
© 2020 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up