Oracle VM VirtualBox 4.1.x < 4.1.8 Unspecified Local Issues

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
unspecified local vulnerabilities.

Description :

The version of Oracle VM VirtualBox 4.1.x installed on the remote
Windows host is earlier than version 4.1.8 and is, therefore, affected
by two unspecified local vulnerabilities.

These vulnerabilities take advantage of shared folders and Windows Guest
Additions that a local attacker could use to access and modify data that
is accessible by Oracle VM VirtualBox.

See also :

http://www.nessus.org/u?035fa4ce
https://www.virtualbox.org/wiki/Changelog

Solution :

Upgrade to Oracle VM VirtualBox 4.1.8 or later.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 2.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 62901 ()

Bugtraq ID: 51461
51465

CVE ID: CVE-2012-0105
CVE-2012-0111

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now