KLA11236
Multiple vulnerabilities in Oracle VM VirtualBox
Обновлено: 26/06/2019
Дата обнаружения
17/04/2018
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, read and write local files.

Below is a complete list of vulnerabilities:

  1. Multiple unspecified vulnerabilities in the Core component can be exploited locally to gain privileges;
  2. An unspecified vulnerability in the Core component can be exploited remotely to cause denial of service, obtain sensitive information, read and write local files;
  3. An unspecified vulnerability in the Core component can be exploited remotely to obtain sensitive information.
Пораженные продукты

Oracle VM VirtualBox 5.1.x earlier than 5.1.36
Oracle VM VirtualBox 5.2.x earlier than 5.2.10

Решение

Update to the latest version
Download VirtualBox

Первичный источник обнаружения
Oracle Critical Patch Update Advisory - April 2018
Оказываемое влияние
?
OSI 
[?]

WLF 
[?]

PE 
[?]

RLF 
[?]
Связанные продукты
Oracle VirtualBox
CVE-IDS
CVE-2018-28354.4Warning
CVE-2018-28364.4Warning
CVE-2018-28374.4Warning
CVE-2018-07394.3Warning
CVE-2018-28424.6Warning
CVE-2018-28434.6Warning
CVE-2018-28444.6Warning
CVE-2018-28454.6Warning
CVE-2018-28604.6Warning
CVE-2018-28304.4Warning
CVE-2018-28312.1Warning