Oracle VM VirtualBox < 3.2.20 / 4.0.22 / 4.1.30 / 4.2.20 / 4.3.4 Multiple Vulnerabilities

low Nessus Plugin ID 72007

Synopsis

The remote host has an application that is affected by multiple security vulnerabilities.

Description

The remote host contains a version of Oracle VM VirtualBox prior to 3.2.20 / 4.0.22 / 4.1.30 / 4.2.20 / 4.3.4. It is, therefore, potentially affected by multiple, unspecified local security vulnerabilities related to a flaw in the 'Core' subcomponent.

Solution

Upgrade to Oracle VM VirtualBox to 3.2.20 / 4.0.22 / 4.1.30 / 4.2.20 / 4.3.4 or later.

See Also

https://www.securityfocus.com/archive/1/530945/30/0/threaded

http://www.nessus.org/u?17c46362

Plugin Details

Severity: Low

ID: 72007

File Name: virtualbox_4_3_4.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 1/17/2014

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.9

Vector: CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:oracle:vm_virtualbox

Required KB Items: VirtualBox/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/14/2014

Vulnerability Publication Date: 1/14/2014

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-0404, CVE-2014-0405, CVE-2014-0406, CVE-2014-0407

BID: 64911, 64913, 64900, 64905