CVE-2015-0377

MEDIUM

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.

References

http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html

http://secunia.com/advisories/62694

http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf

http://www.debian.org/security/2015/dsa-3143

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.securityfocus.com/bid/72219

https://exchange.xforce.ibmcloud.com/vulnerabilities/100176

https://security.gentoo.org/glsa/201612-27

Details

Source: MITRE

Published: 2015-01-21

Updated: 2018-10-30

Risk Information

CVSS v2.0

Base Score: 4.4

Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 2.7

Severity: MEDIUM