CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
68.7%
Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to “incorrect interrupt handling.”
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | virtualization | 3.2 | cpe:2.3:a:oracle:virtualization:3.2:*:*:*:*:*:*:* |
oracle | virtualization | 4.0 | cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:* |
oracle | virtualization | 4.1 | cpe:2.3:a:oracle:virtualization:4.1:*:*:*:*:*:*:* |
www.debian.org/security/2012/dsa-2594
www.mandriva.com/security/advisories?name=MDVSA-2013:150
www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
www.securityfocus.com/bid/56045
www.securitytracker.com/id?1027666
exchange.xforce.ibmcloud.com/vulnerabilities/79380
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16681