Sun Virtualbox

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Sun	First view	2009-08-07
Product	Virtualbox	Last view	2009-11-16
Version		Type
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:a:sun:virtualbox:3.0.0:::::::*	3
cpe:2.3:a:sun:virtualbox:3.0.2:::::::*	3
cpe:2.3:a:sun:virtualbox:3.0.6:::::::*	2
cpe:2.3:a:sun:virtualbox:3.0.4:::::::*	2
cpe:2.3:a:sun:virtualbox:2.2:::::::*	2
cpe:2.3:a:sun:virtualbox:3.0.2:r49928::::::	2
cpe:2.3:a:sun:virtualbox:2.0.8:::::::*	2
cpe:2.3:a:sun:virtualbox:2.0.10:::::::*	2
cpe:2.3:a:sun:virtualbox:3.0:::::::*	1

Related : CVE

	Date	Alert	Description
2.1	2009-11-16	CVE-2009-3940	Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors.
7.5	2009-11-09	CVE-2009-3923	The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
7.2	2009-10-13	CVE-2009-3692	Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors.
4.9	2009-08-07	CVE-2009-2715	Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.
4.9	2009-08-07	CVE-2009-2714	Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors.

CWE : Common Weakness Enumeration

%	id	Name
50% (1)	CWE-287	Improper Authentication
50% (1)	CWE-20	Improper Input Validation

Oval Markup Language : Definitions

OvalID	Name
oval:org.mitre.oval:def:16725	Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2
oval:org.mitre.oval:def:16163	DEPRECATED: Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to ...

Open Source Vulnerability Database (OSVDB)

id	Description
60098	Sun VirtualBox Guest Additions Kernel Memory Exhaustion Local DoS
59685	Sun Virtual Desktop Infrastructure (VDI) VirtualBox Web Service Unspecified R...
58652	Sun VirtualBox VBoxNetAdpCtl Configuration Tool Unspecified Local Privilege E...
56893	Sun VirtualBox sysenter Instruction Local DoS
56810	Sun VirtualBox Unspecified Local DoS

ExploitDB Exploits

id	Description
9973	Sun VirtualBox <= 3.0.6 privilege escalation

OpenVAS Exploits

id	Description
2010-03-12	Name : Mandriva Update for virtualbox MDVSA-2010:059 (virtualbox) File : nvt/gb_mandriva_MDVSA_2010_059.nasl
2010-02-15	Name : Mandriva Update for msec MDVA-2010:059 (msec) File : nvt/gb_mandriva_MDVA_2010_059.nasl
2010-01-20	Name : Gentoo Security Advisory GLSA 201001-04 (virtualbox-bin virtualbox-ose virtua... File : nvt/glsa_201001_04.nasl
2009-11-26	Name : Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Linux) File : nvt/secpod_sun_virtualbox_dos_vuln_lin.nasl
2009-11-26	Name : Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Win) File : nvt/secpod_sun_virtualbox_dos_vuln_win.nasl
2009-11-20	Name : Sun VirtualBox 'VBoxNetAdpCtl' Privilege Escalation Vulnerability File : nvt/secpod_sun_virtualbox_priv_esc_vuln_lin.nasl
2009-10-13	Name : FreeBSD Ports: virtualbox File : nvt/freebsd_virtualbox.nasl

Nessus® Vulnerability Scanner

id	Description
2010-03-11	Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2010-059.nasl - Type: ACT_GATHER_INFO
2010-02-25	Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201001-04.nasl - Type: ACT_GATHER_INFO
2010-02-02	Name: The remote openSUSE host is missing a security update. File: suse_11_0_virtualbox-ose-100126.nasl - Type: ACT_GATHER_INFO
2010-02-02	Name: The remote openSUSE host is missing a security update. File: suse_11_1_virtualbox-ose-100126.nasl - Type: ACT_GATHER_INFO
2010-02-02	Name: The remote openSUSE host is missing a security update. File: suse_11_2_virtualbox-ose-100121.nasl - Type: ACT_GATHER_INFO
2009-11-17	Name: The remote Windows host is running a set of virtualization utilities that is ... File: virtualbox_guest_additions_local_dos.nasl - Type: ACT_GATHER_INFO
2009-10-08	Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ebeed063b32811deb6a50030843d3802.nasl - Type: ACT_GATHER_INFO
2009-08-13	Name: The remote host is missing Sun Security Patch number 141481-03 File: solaris10_141481.nasl - Type: ACT_GATHER_INFO
2009-08-13	Name: The remote host is missing Sun Security Patch number 141482-03 File: solaris10_x86_141482.nasl - Type: ACT_GATHER_INFO
2009-08-11	Name: The remote Windows host has an application that is affected by local denial o... File: virtualbox_3_0_4.nasl - Type: ACT_GATHER_INFO

vDNA Monitoring

	no vDNA Monitoring
Monitor this product now !

Global informations

Mapping	Total
CVE ID(s)	5
CWE ID(s)	2
OVALid	2
osvdb(s)	5
ExploitDB Exploit(s)	1
OpenVAS Exploit(s)	7
Nessus® Exploit(s)	10

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.4680s

Facebook rss twitter linkedin mail