Detections
Analytics

Oracle VirtualBox 4.1 < 4.1.22 Task-Gate IDT Call NULL Pointer Dereference Local DoS

low Nessus Plugin ID 62100

Language:

Synopsis

The remote Windows host has an application that is affected by local denial of service vulnerabilities.

Description

The remote host contains a version of Oracle VirtualBox 4.1 before 4.1.22. As such, it is potentially affected by a local denial of service vulnerability caused by invocation of software interrupt 0x8 from userspace. An attacker with access to the guest VM could leverage this to cause a denial of service.

Solution

Upgrade to Oracle VirtualBox 4.1.22 / 4.2 or later.

See Also

http://www.nessus.org/u?9fa4a738

https://www.virtualbox.org/wiki/Changelog

http://www.nessus.org/u?87547c81

Plugin Details

Severity: Low

ID: 62100

File Name: virtualbox_4_1_22.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 9/14/2012

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:oracle:vm_virtualbox

Required KB Items: VirtualBox/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/7/2012

Vulnerability Publication Date: 9/7/2012

Reference Information

CVE: CVE-2012-3221

BID: 55471, 56045