Lucene search

Kaspersky LabKLA10347

HistoryNov 16, 2009 - 12:00 a.m.

KLA10347 DoS vulnerability in VirtualBox

2009-11-1600:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

22.9%

JSON

An unspecified vulnerability was found in xVM VirtualBox. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally via vectors related to guest additions.

Original advisories

Related products

Oracle-VirtualBox

CVE list

CVE-2009-3940 warning

Solution

Update to latest version

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

xVM VirtualBox 1.6, 2.1, 2.2 all versionsxVM VirtualBox 2.0 versions 2.0.10 and earlierxVM VirtualBox 3.0 versions 3.0.8 and earlier

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Oracle-VirtualBox/

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

22.9%

JSON

Related for KLA10347