KLA11405
Multiple vulnerabilities in Oracle Virtual Box

Multiple vulnerabilities were found in Oracle Virtual Box. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and cause denial of service.

Below is a complete list of vulnerabilities:

1. Multiple vulnerabilities in Core component of Oracle VM VirtualBox can be exploited locally to obtain sensitive information.
2. Multiple vulnerabilities in Core component of Oracle VM VirtualBox can be exploited locally to cause denial of service.
3. Multiple vulnerabilities in Core component of Oracle VM VirtualBox can be exploited locally to obtain sensitive information, bypass security restrictions and cause denial of service.
4. Vulnerability in Web Server (Apache HTTP Server) component of Oracle Secure Global Desktop (SGD) can be exploited remotely to cause denial of service.
5. Vulnerability in Core component of Oracle VM VirtualBox can be exploited remotely to cause denial of service.
6. Vulnerability in Application Server (Apache Tomcat) component of Oracle Secure Global Desktop (SGD) can be exploited remotely to bypass security restrictions.
7. Vulnerability in Core (OpenSSL) component of Oracle VM VirtualBox can be exploited remotely to obtain sensitive information.

Oracle VM Virtual Box versions earlier than 5.2.24
Oracle VM Virtual Box versions earlier than 6.0.2
 

Update to the latest version
Download Oracle Virtual Box