Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2004-0015
cve-2004-0015
vbox3
privilege escalation
tcl script
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
Affected configurations
Node
vbox3vbox3Range≤0.1.8
| CPE | Name | Operator | Version |
|---|---|---|---|
| vbox3:vbox3 | vbox3 | le | 0.1.8 |
Related
nessus
nessus
Debian DSA-418-1 : vbox3 - privilege leak
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 418-1 (vbox3)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-418)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2004-0015
2004-09-01 04:00:00
securityvulns
securityvulns
[SECURITY] [DSA 418-1] New vbox3 packages fix privilege leak
2004-01-09 00:00:00
nvd
nvd
CVE-2004-0015
2004-02-03 05:00:00
debian
debian
[SECURITY] [DSA 418-1] New vbox3 packages fix privilege leak
2004-01-08 07:19:27
osv
osv
vbox3 - privilege leak
2004-01-07 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2004-0015