CVE-2014-2487

2014-07-1705:10:14

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

5.3

Confidence

Low

EPSS

0.001

Percentile

32.1%

JSON

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-4261.

Affected configurations

Nvd

Node

oraclevm_virtualboxRange3.2.0–3.2.24

oraclevm_virtualboxRange4.0–4.0.26

oraclevm_virtualboxRange4.1.0–4.1.34

oraclevm_virtualboxRange4.2.0–4.2.26

oraclevm_virtualboxRange4.3.0–4.3.14

AND

microsoftwindows

VendorProductVersionCPE
oraclevm_virtualbox*cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*