CVE-2012-3221

high

Description

Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16681

https://exchange.xforce.ibmcloud.com/vulnerabilities/79380

http://www.securitytracker.com/id?1027666

http://www.securityfocus.com/bid/56045

http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.debian.org/security/2012/dsa-2594

Details

Source: Mitre, NVD

Published: 2012-10-17

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High