CVE-2016-0678

MEDIUM

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core.

References

http://lists.opensuse.org/opensuse-updates/2016-05/msg00130.html

http://lists.opensuse.org/opensuse-updates/2016-06/msg00002.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.securitytracker.com/id/1035607

Details

Source: MITRE

Published: 2016-04-21

Updated: 2016-12-03

Risk Information

CVSS v2.0

Base Score: 4.1

Vector: AV:L/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 2.7

Severity: MEDIUM

CVSS v3.0

Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 0.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:vm_virtualbox:5.0.18:*:*:*:*:*:*:*

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
91483openSUSE Security Update : virtualbox (openSUSE-2016-672)NessusSuSE Local Security Checks
medium
91411openSUSE Security Update : virtualbox (openSUSE-2016-666)NessusSuSE Local Security Checks
medium
90680Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)NessusMisc.
medium